last executing test programs:

2.910063303s ago: executing program 0 (id=833):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f000000bc40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40, &(0x7f0000000200)=ANY=[], 0x1, 0x6f2, &(0x7f0000000ac0)="$eJzs3U9sHFcZAPBv1mt7N1Udt03TIFWqaVFBWCSxLRfMJQYhZKQKqiDB2WqcxsrmD7aL3B6wC0hcOXBFKgdzgRMIISEhRSpnuFXcLE4VSFx6Snpg0Pxbr93d9TquvS78ftFk3rw3780338y+2V3J2gD+by1NR/1BNGNp+tXNbHt3Z661uzN3pyjXWhExHhG1iHpHr+S9iMUolvhMVlE19DrOL1YXrr//4e4HxVa9XGpR/NfsHWB9kLPYLpeYioiRcn0M+8Z7/fHGG98rJu3MZAl7qUocDNtoRKT7/ODiXks36UjHRs/XO/DpkRTPzQ7F638y4lxENKoH2nbRWDv9CA91pLlo++TiAAAAgDPj/MOtiM2YGHYcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GlS/v5/Ui6PqvJUJNXv/3+uY/exIYbaX//IGlXhQe00ggEAAAAAAACAk/XCw/jN9TSdqLbTJGrfGyk3muX6zViPlXrE5diM5diIjViLmYiY7BhobHN5Y2NtJl7Mty58lKZpPFH0jLV9PWe79pwdMODmcc8YAAAAAAAAAP6nXJsfz9c/jqWYGHYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQKYkYKVb5cqEqT0atHhGNiBjL9tuO+FtVPkPqR+3w4GTiAAAAgCEb3bd1/mE8jM2YqLbTJP/MfzH/3N+IN+NubMRqbEQrVuJG/l1A8am/truzNb27M3cnW8phv/Nke9yv/XvvGL+fODSofMQovnvofuRL+R7NuBmrec3leD3uRStuRC3vmblUxdMRV4d3spiSa4U0jfFB0nWjXGdn/vNyfSqah+0wmWdktJ2Rq1lsSZHHp/pnovPqDODgkWai1v7m50LvI7W/jKlyfq3vUZL/pGlROlfVRDzxrb45z++X0SOdzLEczMRsx913sX/OIz7/h99+/1br7u1byfb0qd1Gj+WF7tXj/6iuUJWJwnasxFxHJp4bOBM31894Jnra/01jLZ5tl5fim/HdmI6peC3WYjV+GMuxESsxFd/IS8vl/Zz9P9k/U4v7tl47LKax8rqMHIjps+eLdb+YXsz7TsRqfDvuxY1YiVfyf7MxE1+O+ZiPhY4r/OwAM22ty6v+j72Df+kLZSGb+H62NwGe4qu7lyyvT3XktXPOnczbOmtqkZZPlqeP8DzqPzdW9h5Z2ZX4ScdrcPjamWhE+ylRRfdMlYHRrpn4VT6trLfu3l67tXz/wLjJdvfjvRz7T//sTCTZ/fJ0e47Yf3dkbc90bZvJ2y6022oH237dbLcd9kodK9/DfXyk2bztuYj4ZRlt1pbJ5vCs7VJHv+z9ViNv+yhN0+L9FgBn3rkvnhtr/qv51+a7zZ82bzVfbXx9/Cvjz4/F6F9Gv1q/OvJy7fnkd/Fu/CgO/4QOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcav2tt28vt1orawcKaZpu9Wg6kULUI/bV/PlPHfvkvzUWEYMPmO29WIvIa+pRFgbo/s+IKGu2Hu903nncJPy9vCankvA+hWTgnRs975+ycO/J8nQepWl66qdT/VbbkbunpaFdgk+4UP1E1seaknpEj15DmY6AU3Rl4879K+tvvf2l1TvLb6y8sXJ3YX5+4erC/CtzV26uthrDDg84QfmzPn+fM+xIAAAAAAAAAAAAgEEN9sc5ye3lKGrq3f6K4LDuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMewNB31B5HEzNXLV7Pt3Z25VrZU5Ww9ku/5KCJqEZFMRSTvRSxGscRkx3BJr+NsR1x//8PdD4qternk+9eOfxbb5RJTZbhT3fdrdKtMt3qNl+Tj3O893oCSchlp1yweazz4hPw3AAD//xEwCSs=")
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
statx(0xffffffffffffff9c, 0x0, 0x100, 0x800, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r2, 0x0, 0xd}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETCHAIN(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1400000000020071fab64f1270620000"], 0x14}}, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x80000001, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0xf4e0, 0x2}, 0x0, 0x0)
close(0xffffffffffffffff)
r4 = open(&(0x7f0000000080)='./file1\x00', 0xe4802, 0x6)
r5 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), r4)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x78, r5, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'ip_vti0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x4015}, 0x41000)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r6 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r6, 0x400448c8, &(0x7f0000000340)={r0, r0, 0x8, 0x0, 0x0, 0x82, 0x4a, 0x15c2, 0x5886, 0x801, 0x0, 0x8000007, 'syz0\x00'})

2.909872409s ago: executing program 1 (id=834):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x3008000, &(0x7f0000000140)={[{@quota}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@abort}]}, 0xfe, 0x452, &(0x7f0000000980)="$eJzs3M1vFOUfAPDvzG7L+6/8EF9A0CoaiS8tLS9y8ILRxIMmJnrAeKptIchCDa2JEKLoAY+GxLvxaOJf4EkvRj2ZeNW7ISGGC+hpzezOlKXdbbvtlq3M55MMPM/Os3me78w8u888z04DKK3h7J8kYntE/B4RQ83s3QWGm//dvnl58u+blyeTqNff+itplLt18/JkUbR437Zmpl7P85va1Hv13YiJWm36Qp4fnTv3wejsxUsvnDk3cXr69PT58ePHjxzeP3hs/GhP4sziurX345l9e15759obkyevvffzt1l7t+f7W+NYkXT5IsPNo9vW011VtvHtaEkn1T42hK5UIiI7XQON/j8Uldgyv28oXv2sr40D1lW9Xq+3+37OXakD97Ek+t0CoD+KL/rs/rfY7tHQY0O4caJ5A5TFfTvfmnuq87f4Awvub3tpOCJOXvnnq2yL1cxDAAB06fts/PN8u/FfGg+1lPtfvoayMyL+HxG7IuKBiNgdEQ9GNMo+HBGPdFn/whWSxeOf9PqqAluhbPz3Ur62dff4L22M+7KQK/lyz45G/APJqTO16UP5MTkYA5uy/NgSdfzwym9fdNrXOv7Ltqz+YiyYt+N6dcEE3dTE3MTaor7jxqcRe6vt4k+iWMZJImJPROxdZR1nnv1mX6d9y8e/hB6sM9W/jnimef6vxIL4C0nH9cmxF4+NHx3dHLXpQ6PFVbHYL79efbNT/WuKvwey87+17fU/H//OZHPE7MVLZxvrtbPd13H1j8873tOs9vofTN5upAfz1z6amJu7MBYxmLy++PXxO+8t8kX5LP6DB9r3/13VO0fi0YjILuL9EfFYRDyet/2JiHgyIg4sEf9PLz/1fvfxLzEr30NZ/FPLnf9oPf/dJypnf/yu+/gL2fk/0kgdzF9ZyeffShu4lmMHAAAA/xVp4zfwSToyn07TkZHmb/h3x9a0NjM799ypmQ/PTzV/K78zBtJipmuoZT50LJ8bLvLjC/KH83njLytbGvmRyZnaVL+Dh5Lb1qH/Z/6s9Lt1wLrzvBaUl/4P5aX/Q3np/1Be+j+UV7v+/0kf2gHce77/obz0fygv/R/KS/+HUur4bHy6pkf+1z1RfGRtlPbcD4kTXb0r0o3Q5hIkqiv+YxarTGxqu6vPH0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA98m8AAAD//0Fo4Oc=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000002c0)={0xc, 0x8005, 0x0, 0xe})

2.66024732s ago: executing program 1 (id=835):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c000}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2.460603602s ago: executing program 1 (id=836):
r0 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x76, &(0x7f0000000140)=@assoc_value, 0x8)

2.360702469s ago: executing program 1 (id=837):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000100)='btrfs_transaction_commit\x00', r0, 0x0, 0x1}, 0x18)
r1 = syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x800, &(0x7f0000000740), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r1, 0x4008941a, &(0x7f0000000080)=0x2)

2.111228287s ago: executing program 2 (id=838):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$F2FS_IOC_GET_COMPRESS_OPTION(r0, 0x8002f515, 0x0)

1.931095881s ago: executing program 2 (id=839):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x2c, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @loopback}}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

1.930757619s ago: executing program 0 (id=840):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = landlock_create_ruleset(&(0x7f00000002c0)={0x2da8}, 0x18, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000000140)={0x400, r0}, 0x0)

1.928048204s ago: executing program 2 (id=841):
syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000400)='./file2\x00', 0x10000, &(0x7f0000000000)=ANY=[], 0x1, 0x1f2, &(0x7f0000000100)="$eJzslc+L00AUx78z0yapevPmxYMLrgfTJFXxsrBePHkQ/LF4ECxudlnNWmlzsAUR/wLv3jz4V4hQr/4RUgVREL2oB08jmUySSU2qbdEi+z7QyTeZ1/de3gtvQBDEgeXd2+8T+W3jgwPgCNZg6+cfRWHDDfs3zpeHry5d3Hpy8/lre+K2yt7sueM3AIwvCMT6Xkopzf01fb0Knutr4Dil9RYYXK1vgeO61iEYbmh9x9C9phZR6N7uRds7e1HoJYufLEGydKbz+/yYYdvIjxn7g+HobjeKwv7iovk7m+rKjT/l+TnAhpGf2S8XabaeUT8fHL7WHTBc0fo8bLiuW5TEeP9jjcK/mPn+FpasyHvVnezJzpSNwJwOmzNsrCTUQqkCrLr3L5b8Gv6tEFAi6+gq0nB07L8TAg0lfkgp//RfouaTkLbAqvtVI15ulmsoH6X3ZePe4dld3qwJYWGhyufzUz5jOGnMp3SUPFWHRTvev98eDEen9/a7u+FueC8IOue8M553NmirQZSu1SNQ+W+p+XSo8N8qIpexmIUH3Tju++ma3wfpWjVxuZp/HOsnoE4OhqOXp/1+BZAdhEz/uLomal3UJk8QBLFCjoOpmazmcib0aaI3LCll8MvQIwiCIAiCIAiCIAjiv+FnAAAA//9lOFcn")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

1.763820552s ago: executing program 0 (id=842):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x4, 0xd, &(0x7f00000032c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x2f}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="e06921e8682d85ff9782762f86dd", 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.761972s ago: executing program 2 (id=843):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0x2, 0x10, 0x1, 0xfffffffc}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x15, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x86}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r2, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

1.660567049s ago: executing program 0 (id=844):
pipe2$9p(&(0x7f0000001900), 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
unshare(0x2c020400)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r0, r0, 0x2f, 0x0, 0x4, @void, @value=r0}, 0x20)

1.511564096s ago: executing program 1 (id=845):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @objref={{0xb}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}, 0x1, 0x0, 0x0, 0x8080}, 0x0)

863.957804ms ago: executing program 0 (id=846):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$sock(r0, &(0x7f00000058c0)=[{{&(0x7f0000003000)=@in6={0xa, 0x4e23, 0x10, @loopback, 0xf254}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x41, 0x101}}], 0x18}}], 0x1, 0x4)

863.596048ms ago: executing program 2 (id=847):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
symlink(&(0x7f00000008c0)='./file0/../file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00')
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1, {0x7, 0x28, 0x0, 0x40698060, 0x7fff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0xfffffffc}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000a280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a305000000000000007becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e5", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x6, 0x6, 0x0, {0x5, 0x6, 0x1000b, 0x100000a, 0x3, 0x0, 0xfffffffe, 0x8000000, 0x0, 0xa000, 0x2000002, 0x0, r2, 0x7, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x8043, 0x0)

776.373234ms ago: executing program 0 (id=848):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair(0x1e, 0x1, 0x200, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setrlimit(0x4, &(0x7f0000000180)={0x80, 0xc7})
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
fsmount(0xffffffffffffffff, 0x1, 0x70)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
socket$kcm(0x29, 0x5, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000140)=0x11)
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000180)=0xd0)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r5, &(0x7f00000003c0)=[{&(0x7f0000000480)}, {&(0x7f0000000280)="111ec20239e272abb2cedf053d666ab41bdf031bdcaca63b9856f15d16d909ca3d83d93e22b370e9df36dc459b", 0x2d}], 0x2, 0x4000001, 0x0)
sendfile(r4, r5, 0x0, 0x8000fb00)

115.587903ms ago: executing program 1 (id=849):
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
close(r0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

0s ago: executing program 2 (id=850):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:51882' (ED25519) to the list of known hosts.
syzkaller login: [   58.703310][ T5833] cgroup: Unknown subsys name 'net'
[   58.839431][ T5833] cgroup: Unknown subsys name 'cpuset'
[   58.844826][ T5833] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   60.898968][ T5833] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   66.722226][ T5851] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.727520][ T5858] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   66.730615][ T5858] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   66.734648][ T5858] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   66.737759][ T5858] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   66.741207][ T5858] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   66.744860][ T5858] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   66.748763][ T5857] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   66.768212][ T5855] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   66.773221][ T5855] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   66.777005][ T5855] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   66.780823][ T5855] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   66.783917][ T5858] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   66.784120][ T5855] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   66.787377][ T5858] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   67.207334][ T5845] chnl_net:caif_netlink_parms(): no params data found
[   67.293660][ T5846] chnl_net:caif_netlink_parms(): no params data found
[   67.319852][ T5853] chnl_net:caif_netlink_parms(): no params data found
[   67.405979][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.409006][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.412372][ T5845] bridge_slave_0: entered allmulticast mode
[   67.416515][ T5845] bridge_slave_0: entered promiscuous mode
[   67.427646][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.430589][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.433297][ T5845] bridge_slave_1: entered allmulticast mode
[   67.437563][ T5845] bridge_slave_1: entered promiscuous mode
[   67.531981][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.539142][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.618639][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.621524][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.624690][ T5846] bridge_slave_0: entered allmulticast mode
[   67.629387][ T5846] bridge_slave_0: entered promiscuous mode
[   67.633544][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.638748][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.641652][ T5853] bridge_slave_0: entered allmulticast mode
[   67.645682][ T5853] bridge_slave_0: entered promiscuous mode
[   67.652135][ T5845] team0: Port device team_slave_0 added
[   67.657717][ T5845] team0: Port device team_slave_1 added
[   67.660813][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.663674][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.666647][ T5846] bridge_slave_1: entered allmulticast mode
[   67.670555][ T5846] bridge_slave_1: entered promiscuous mode
[   67.688436][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.691325][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.694162][ T5853] bridge_slave_1: entered allmulticast mode
[   67.698928][ T5853] bridge_slave_1: entered promiscuous mode
[   67.763421][ T5853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.784882][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.791652][ T5853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.811130][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   67.813978][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   67.825064][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.833577][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.865415][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.868099][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   67.878299][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.899729][ T5853] team0: Port device team_slave_0 added
[   67.903322][ T5846] team0: Port device team_slave_0 added
[   67.914404][ T5846] team0: Port device team_slave_1 added
[   67.918832][ T5853] team0: Port device team_slave_1 added
[   67.998571][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.001217][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.011441][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.017673][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.020373][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.030419][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.040549][ T5845] hsr_slave_0: entered promiscuous mode
[   68.043954][ T5845] hsr_slave_1: entered promiscuous mode
[   68.056013][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.058710][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.069336][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.093698][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.096720][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.107413][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.192776][ T5846] hsr_slave_0: entered promiscuous mode
[   68.196941][ T5846] hsr_slave_1: entered promiscuous mode
[   68.200029][ T5846] debugfs: 'hsr0' already exists in 'hsr'
[   68.202405][ T5846] Cannot create hsr debugfs directory
[   68.263978][ T5853] hsr_slave_0: entered promiscuous mode
[   68.268290][ T5853] hsr_slave_1: entered promiscuous mode
[   68.271416][ T5853] debugfs: 'hsr0' already exists in 'hsr'
[   68.273768][ T5853] Cannot create hsr debugfs directory
[   68.555932][ T5845] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   68.564389][ T5845] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   68.578462][ T5845] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   68.590609][ T5845] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   68.626403][ T5853] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   68.631690][ T5853] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   68.640563][ T5853] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   68.667315][ T5853] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   68.728459][ T5846] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   68.738105][ T5846] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   68.744622][ T5846] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   68.758009][ T5846] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   68.805646][ T5850] Bluetooth: hci1: command tx timeout
[   68.808016][ T5855] Bluetooth: hci0: command tx timeout
[   68.870515][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.880965][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.886517][ T5855] Bluetooth: hci2: command tx timeout
[   68.914018][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   68.920502][ T5853] 8021q: adding VLAN 0 to HW filter on device team0
[   68.935566][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.938624][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.947232][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.950139][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.954839][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.957847][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.981206][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.984099][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.043912][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.113505][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   69.147440][  T177] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.150315][  T177] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.168964][  T177] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.172010][  T177] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.278672][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.341473][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.367276][ T5845] veth0_vlan: entered promiscuous mode
[   69.388832][ T5845] veth1_vlan: entered promiscuous mode
[   69.422670][ T5853] veth0_vlan: entered promiscuous mode
[   69.430338][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.446849][ T5853] veth1_vlan: entered promiscuous mode
[   69.461217][ T5845] veth0_macvtap: entered promiscuous mode
[   69.482260][ T5845] veth1_macvtap: entered promiscuous mode
[   69.501157][ T5853] veth0_macvtap: entered promiscuous mode
[   69.510645][ T5853] veth1_macvtap: entered promiscuous mode
[   69.518075][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.524606][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.538525][ T5846] veth0_vlan: entered promiscuous mode
[   69.549039][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.558404][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.564565][ T5846] veth1_vlan: entered promiscuous mode
[   69.570625][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.573657][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.584799][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.594537][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.645737][ T5862] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.649359][ T5862] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.652451][ T5862] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.658288][ T5862] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.692076][  T177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.701563][  T177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.723631][ T5846] veth0_macvtap: entered promiscuous mode
[   69.748826][ T5846] veth1_macvtap: entered promiscuous mode
[   69.755379][  T177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.762349][  T177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.790342][ T1180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.793522][ T1180] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.816172][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.842175][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.846762][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.849927][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.864627][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   69.878570][ T5862] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.887997][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.890730][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.893470][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.014903][  T177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.026020][  T177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.058758][  T177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.066778][  T177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.214093][ T5928] loop1: detected capacity change from 0 to 4096
[   70.232787][ T5928] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[   70.464244][ T5934] loop2: detected capacity change from 0 to 256
[   70.503913][ T5934] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0x2f9e4978, utbl_chksum : 0xe619d30d)
[   70.887636][ T5855] Bluetooth: hci0: command tx timeout
[   70.889393][ T5855] Bluetooth: hci1: command tx timeout
[   70.970811][ T5850] Bluetooth: hci2: command tx timeout
[   70.973093][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[   70.975970][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[   71.070854][ T5962] loop0: detected capacity change from 0 to 1024
[   71.095521][ T5898] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   71.159115][ T5957] loop2: detected capacity change from 0 to 32768
[   71.162740][ T5962] hfsplus: bad catalog entry type
[   71.170492][ T5957] btrfs: Unknown parameter 'ref_verify'
[   71.251185][ T5898] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   71.261809][ T1092] hfsplus: b-tree write err: -5, ino 4
[   71.268690][ T5898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.290835][ T5898] usb 2-1: config 0 descriptor??
[   71.312477][ T5898] cp210x 2-1:0.0: cp210x converter detected
[   71.712151][ T5898] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[   71.735920][ T5898] cp210x 2-1:0.0: GPIO initialisation failed: -524
[   71.766399][ T5898] usb 2-1: cp210x converter now attached to ttyUSB0
[   71.853118][ T5971] loop0: detected capacity change from 0 to 32768
[   71.860136][ T5971] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.18 (5971)
[   71.895435][ T5971] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   71.899689][ T5971] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[   71.944488][ T5913] usb 2-1: USB disconnect, device number 2
[   71.980854][ T5913] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[   71.984495][ T5913] cp210x 2-1:0.0: device disconnected
[   72.100641][ T5971] BTRFS info (device loop0): enabling ssd optimizations
[   72.106222][ T5971] BTRFS info (device loop0): enabling free space tree
[   72.232842][ T5845] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   72.307473][ T5991] loop2: detected capacity change from 0 to 32768
[   72.321456][ T5991] =======================================================
[   72.321456][ T5991] WARNING: The mand mount option has been deprecated and
[   72.321456][ T5991]          and is ignored by this kernel. Remove the mand
[   72.321456][ T5991]          option from the mount to silence this warning.
[   72.321456][ T5991] =======================================================
[   72.425467][ T5991] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   72.471356][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[   72.534305][ T6012] loop1: detected capacity change from 0 to 512
[   72.539550][ T6012] EXT4-fs: Ignoring removed orlov option
[   72.556954][ T6012] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   72.581868][ T6012] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[   72.597548][ T6012] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.24: corrupted in-inode xattr: e_value size too large
[   72.606091][ T6012] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.24: couldn't read orphan inode 15 (err -117)
[   72.612708][ T6012] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.675338][ T5313] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   72.689718][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.768459][ T6020] loop2: detected capacity change from 0 to 128
[   72.790204][ T6020] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[   72.826684][ T5313] usb 1-1: Using ep0 maxpacket: 8
[   72.855289][ T5313] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   72.864804][ T5313] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[   72.881835][ T5313] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   72.887869][ T5313] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   72.891018][ T5313] usb 1-1: SerialNumber: syz
[   72.909569][ T5313] cdc_acm 1-1:1.0: Control and data interfaces are not separated!
[   72.912634][ T5313] cdc_acm 1-1:1.0: This needs exactly 3 endpoints
[   72.920814][ T5313] cdc_acm 1-1:1.0: probe with driver cdc_acm failed with error -22
[   72.966657][ T5850] Bluetooth: hci1: command tx timeout
[   72.968844][ T5850] Bluetooth: hci0: command tx timeout
[   73.045312][ T5855] Bluetooth: hci2: command tx timeout
[   73.113033][ T5920] usb 1-1: USB disconnect, device number 2
[   73.215979][ T5313] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   73.675123][ T5313] usb 3-1: Using ep0 maxpacket: 16
[   73.680857][ T5313] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   73.692656][ T5313] usb 3-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[   73.696626][ T5313] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.699896][ T5313] usb 3-1: Product: syz
[   73.701668][ T5313] usb 3-1: Manufacturer: syz
[   73.703596][ T5313] usb 3-1: SerialNumber: syz
[   73.709753][ T5313] usb 3-1: config 0 descriptor??
[   73.717181][ T5313] uvcvideo 3-1:0.0: probe with driver uvcvideo failed with error -22
[   73.928267][ T5913] usb 3-1: USB disconnect, device number 2
[   73.935110][   T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   74.085651][   T24] usb 1-1: Using ep0 maxpacket: 32
[   74.091960][   T24] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[   74.097171][   T24] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   74.100713][   T24] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[   74.104141][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   74.107499][   T24] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   74.110552][   T24] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   74.114574][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   74.122901][   T24] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   74.126949][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.136488][   T24] usb 1-1: config 0 descriptor??
[   74.344609][ T6033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   74.355670][ T6033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   74.360719][   T24] usb 1-1: USB disconnect, device number 3
[   74.707418][ T6047] loop2: detected capacity change from 0 to 32768
[   74.712388][ T6047] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.36 (6047)
[   74.732968][ T6047] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   74.738889][ T6047] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[   74.768639][ T6047] BTRFS info (device loop2): enabling ssd optimizations
[   74.771535][ T6047] BTRFS info (device loop2): enabling free space tree
[   74.810309][ T5853] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   75.049134][ T5855] Bluetooth: hci0: command tx timeout
[   75.052621][ T5855] Bluetooth: hci1: command tx timeout
[   75.127376][ T5850] Bluetooth: hci2: command tx timeout
[   75.224528][ T6079] tipc: Started in network mode
[   75.229316][ T6079] tipc: Node identity 1a2326805ccd, cluster identity 4711
[   75.232501][ T6079] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   75.241974][ T6079] syzkaller0: entered promiscuous mode
[   75.253038][ T6079] syzkaller0: entered allmulticast mode
[   75.301477][ T6079] tipc: Resetting bearer <eth:syzkaller0>
[   75.349038][ T6090] loop0: detected capacity change from 0 to 512
[   75.381415][ T6090] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.416876][ T6090] fs-verity (loop0, inode 13): Unsupported log_blocksize: 12
[   75.454833][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.467625][ T6078] tipc: Resetting bearer <eth:syzkaller0>
[   75.488792][ T6078] tipc: Disabling bearer <eth:syzkaller0>
[   75.934898][ T6099] binder: 6098:6099 ioctl 4018620d 0 returned -22
[   75.989640][ T6100] binder: 6098:6100 ioctl c018620c 0 returned -14
[   76.155154][ T5920] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[   76.330801][ T5920] usb 3-1: config 16 has an invalid interface number: 35 but max is 0
[   76.333960][ T5920] usb 3-1: config 16 has no interface number 0
[   76.339414][ T5920] usb 3-1: New USB device found, idVendor=04b3, idProduct=4001, bcdDevice= 1.10
[   76.342977][ T5920] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.346852][ T5920] usb 3-1: Product: syz
[   76.348183][ T5920] usb 3-1: Manufacturer: syz
[   76.349692][ T5920] usb 3-1: SerialNumber: syz
[   76.369967][ T5920] usb-storage 3-1:16.35: USB Mass Storage device detected
[   76.385319][ T5920] usb-storage 3-1:16.35: Quirks match for vid 04b3 pid 4001: 2000
[   76.446168][ T6110] hub 9-0:1.0: USB hub found
[   76.449826][ T6110] hub 9-0:1.0: 1 port detected
[   76.490220][ T6110] Zero length message leads to an empty skb
[   76.590481][ T5920] usb 3-1: USB disconnect, device number 3
[   77.102627][ T6113] loop0: detected capacity change from 0 to 512
[   77.120316][ T6113] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   77.135393][ T6113] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   77.180368][ T6113] EXT4-fs (loop0): 1 truncate cleaned up
[   77.282325][ T6113] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.697676][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.210793][ T6131] loop2: detected capacity change from 0 to 1024
[   78.214191][ T6131] hfsplus: unable to change nls mapping
[   78.487941][ T6142] loop0: detected capacity change from 0 to 64
[   78.507884][ T6142] Trying to free block not in datazone
[   78.630428][ T6149] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[   78.687580][ T6152] loop2: detected capacity change from 0 to 256
[   78.699918][ T6152] exfat: Deprecated parameter 'utf8'
[   78.701702][ T6152] exfat: Deprecated parameter 'utf8'
[   78.729781][ T6152] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[   78.887106][ T6161] loop0: detected capacity change from 0 to 4096
[   78.923222][ T6169] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   79.075121][ T5884] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   79.235179][ T5884] usb 3-1: Using ep0 maxpacket: 16
[   79.239322][ T5884] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.242829][ T5884] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.253646][ T5884] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[   79.262035][ T5884] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.269693][ T5884] usb 3-1: config 0 descriptor??
[   79.737657][ T5884] corsair 0003:1B1C:1B02.0001: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.2-1/input0
[   79.928670][ T6189] loop0: detected capacity change from 0 to 1024
[   79.972248][  T177] hfsplus: b-tree write err: -5, ino 3
[   79.979732][ T5845] hfsplus: node 4:3 still has 1 user(s)!
[   80.138250][ T5884] usb 3-1: USB disconnect, device number 4
[   81.049677][ T6207] loop2: detected capacity change from 0 to 512
[   81.057995][ T6207] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   81.067308][ T6207] EXT4-fs (loop2): orphan cleanup on readonly fs
[   81.071611][ T6207] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.94: Block bitmap for bg 0 marked uninitialized
[   81.092132][ T6207] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   81.099477][ T6207] EXT4-fs (loop2): 1 orphan inode deleted
[   81.103006][ T6207] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   81.143747][ T6199] loop1: detected capacity change from 0 to 32768
[   81.201901][ T6207] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   81.207623][ T6207] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   81.280709][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.436369][ T6217] capability: warning: `syz.1.97' uses 32-bit capabilities (legacy support in use)
[   81.512033][ T6223] loop1: detected capacity change from 0 to 16
[   81.572104][   T33] audit: type=1326 audit(1759295042.451:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.2.101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffadf38ec29 code=0x7ffc0000
[   81.604358][   T33] audit: type=1326 audit(1759295042.451:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.2.101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffadf38ec29 code=0x7ffc0000
[   81.614111][   T33] audit: type=1326 audit(1759295042.471:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.2.101" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffadf38ec29 code=0x7ffc0000
[   81.627118][   T33] audit: type=1326 audit(1759295042.471:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.2.101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffadf38ec29 code=0x7ffc0000
[   81.648697][   T33] audit: type=1326 audit(1759295042.471:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.2.101" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffadf38ec29 code=0x7ffc0000
[   81.664642][   T33] audit: type=1326 audit(1759295042.471:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.2.101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffadf38ec29 code=0x7ffc0000
[   81.675965][   T33] audit: type=1326 audit(1759295042.471:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.2.101" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffadf38ec29 code=0x7ffc0000
[   81.684704][   T33] audit: type=1326 audit(1759295042.471:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.2.101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffadf38ec29 code=0x7ffc0000
[   81.694067][   T33] audit: type=1326 audit(1759295042.471:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.2.101" exe="/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7ffadf38ec29 code=0x7ffc0000
[   81.703896][   T33] audit: type=1326 audit(1759295042.471:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.2.101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffadf38ec29 code=0x7ffc0000
[   81.716736][ T6223] erofs (device loop1): mounted with root inode @ nid 36.
[   81.720283][ T6227] loop2: detected capacity change from 0 to 8192
[   82.423902][ T6229] loop2: detected capacity change from 0 to 32768
[   82.435667][ T6229] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[   82.439065][ T6229] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   82.445230][ T5898] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[   82.464857][ T6229] XFS (loop2): Ending clean mount
[   82.471292][ T6229] XFS (loop2): Quotacheck needed: Please wait.
[   82.504946][ T6229] XFS (loop2): Quotacheck: Done.
[   82.537680][ T5853] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   82.603242][ T5898] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   82.609908][ T5898] usb 1-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   82.624902][ T5898] usb 1-1: config 0 interface 0 has no altsetting 0
[   82.629108][ T5898] usb 1-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[   82.632657][ T5898] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.646830][ T5898] usb 1-1: config 0 descriptor??
[   82.651448][ T6234] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   83.029609][ T6247] loop1: detected capacity change from 0 to 32768
[   83.047390][ T6247] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   83.059363][ T6247] OCFS2: ERROR (device loop1): int ocfs2_validate_xattr_block(struct super_block *, struct buffer_head *): Extended attribute block #2304 has bad signature 
[   83.062538][ T5898] elo 0003:04E7:0030.0002: unknown main item tag 0x0
[   83.067842][ T6247] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[   83.072148][ T6247] OCFS2: File system is now read-only.
[   83.076640][ T6247] (syz.1.107,6247,1):ocfs2_xattr_block_find:2831 ERROR: status = -30
[   83.078567][ T5898] elo 0003:04E7:0030.0002: item fetching failed at offset 3/5
[   83.083360][ T5898] elo 0003:04E7:0030.0002: parse failed
[   83.087834][ T5898] elo 0003:04E7:0030.0002: probe with driver elo failed with error -22
[   83.118649][ T5846] ocfs2: Unmounting device (7,1) on (node local)
[   83.202986][ T6251] loop1: detected capacity change from 0 to 256
[   83.260062][ T6253] loop1: detected capacity change from 0 to 256
[   83.274331][ T5898] usb 1-1: USB disconnect, device number 4
[   83.332932][ T6255] loop1: detected capacity change from 0 to 1024
[   83.534368][ T6257] loop1: detected capacity change from 0 to 32768
[   83.550041][ T6257] read_mapping_page failed!
[   83.718555][ T6263] loop1: detected capacity change from 0 to 512
[   83.726235][ T6263] EXT4-fs: Ignoring removed mblk_io_submit option
[   83.737628][ T6263] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   83.741872][ T6263] EXT4-fs (loop1): can't mount with journal_async_commit, fs mounted w/o journal
[   83.812744][ T6265] loop1: detected capacity change from 0 to 1764
[   84.806154][ T6277] netlink: 244 bytes leftover after parsing attributes in process `syz.2.120'.
[   84.903941][ T6285] loop2: detected capacity change from 0 to 8
[   84.970088][ T6285] SQUASHFS error: zlib decompression failed, data probably corrupt
[   84.973063][ T6285] SQUASHFS error: Failed to read block 0x9b: -5
[   84.977472][ T6285] SQUASHFS error: Unable to read metadata cache entry [99]
[   84.980543][ T6285] SQUASHFS error: Unable to read inode 0x127
[   84.981457][ T5913] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   85.268330][ T5913] usb 1-1: Using ep0 maxpacket: 32
[   85.279568][ T5913] usb 1-1: config 0 has an invalid interface number: 132 but max is 0
[   85.283270][ T5913] usb 1-1: config 0 has no interface number 0
[   85.287344][ T5913] usb 1-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   85.294700][ T5913] usb 1-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[   85.298634][ T5913] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.303084][ T5913] usb 1-1: Product: syz
[   85.305855][ T5913] usb 1-1: Manufacturer: syz
[   85.309841][ T5913] usb 1-1: SerialNumber: syz
[   85.317520][ T5913] usb 1-1: config 0 descriptor??
[   85.323370][ T5913] em28xx 1-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[   85.326805][ T5913] em28xx 1-1:0.132: Video interface 132 found:
[   85.416911][ T6300] loop2: detected capacity change from 0 to 128
[   85.429848][ T6300] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   85.434414][ T6300] ext4 filesystem being mounted at /49/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   85.490682][ T6300] fscrypt: Adiantum using implementation "adiantum(xchacha12-lib,aes-fixed-time,nhpoly1305-sse2)"
[   85.517929][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   85.577792][ T6307] loop2: detected capacity change from 0 to 1024
[   85.622206][ T6307] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.626537][ T6307] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.643040][ T6307] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 3: comm syz.2.130: lblock 3 mapped to illegal pblock 3 (length 13)
[   85.650006][ T6307] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[   85.654085][ T6307] EXT4-fs (loop2): This should not happen!! Data will be lost
[   85.654085][ T6307] 
[   85.693141][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.739182][ T5913] em28xx 1-1:0.132: unknown em28xx chip ID (0)
[   86.032965][ T6327] loop2: detected capacity change from 0 to 1024
[   86.149485][ T5913] em28xx 1-1:0.132: reading from i2c device at 0xa0 failed: couldn't get the received message from the bridge (error=-5)
[   86.161311][ T5913] em28xx 1-1:0.132: board has no eeprom
[   86.197591][ T6334] 9pnet_fd: Insufficient options for proto=fd
[   86.255113][ T5913] em28xx 1-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[   86.257602][ T5913] em28xx 1-1:0.132: analog set to bulk mode.
[   86.266309][ T5912] em28xx 1-1:0.132: Registering V4L2 extension
[   86.341148][  T794] cfg80211: failed to load regulatory.db
[   86.393383][ T5912] em28xx 1-1:0.132: failed to trigger read from i2c address 0x4a (error=-5)
[   86.400048][ T5912] em28xx 1-1:0.132: failed to trigger read from i2c address 0x48 (error=-5)
[   86.405384][ T5313] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[   86.412029][ T5913] usb 1-1: USB disconnect, device number 5
[   86.414097][ T5912] em28xx 1-1:0.132: failed to trigger read from i2c address 0x42 (error=-5)
[   86.419348][ T5913] em28xx 1-1:0.132: Disconnecting em28xx
[   86.548990][ T5912] em28xx 1-1:0.132: Config register raw data: 0xffffffed
[   86.552137][ T5912] em28xx 1-1:0.132: AC97 chip type couldn't be determined
[   86.554530][ T5912] em28xx 1-1:0.132: No AC97 audio processor
[   86.567399][ T5912] usb 1-1: Decoder not found
[   86.569038][ T5912] em28xx 1-1:0.132: failed to create media graph
[   86.571397][ T5912] em28xx 1-1:0.132: V4L2 device video103 deregistered
[   86.577107][ T5313] usb 3-1: config 5 has an invalid interface number: 123 but max is 0
[   86.584581][ T5313] usb 3-1: config 5 has no interface number 0
[   86.585639][ T5912] em28xx 1-1:0.132: Remote control support is not available for this card.
[   86.590980][ T5913] em28xx 1-1:0.132: Closing input extension
[   86.592080][ T5313] usb 3-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[   86.600269][ T5313] usb 3-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[   86.608173][ T5313] usb 3-1: config 5 interface 123 has no altsetting 0
[   86.626570][ T5313] usb 3-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[   86.630190][ T5913] em28xx 1-1:0.132: Freeing device
[   86.633462][ T5313] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.643374][ T5313] usb 3-1: Product: syz
[   86.647596][ T5313] usb 3-1: Manufacturer: syz
[   86.649647][ T5313] usb 3-1: SerialNumber: syz
[   87.011227][ T5313] ni6501 3-1:5.123: driver 'ni6501' failed to auto-configure device.
[   87.037185][ T5313] usb 3-1: USB disconnect, device number 5
[   88.413124][ T6371] loop1: detected capacity change from 0 to 512
[   88.426140][ T6371] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   88.492172][ T6371] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.158: invalid indirect mapped block 83886080 (level 1)
[   88.500153][ T6371] EXT4-fs (loop1): Remounting filesystem read-only
[   88.507056][ T6371] EXT4-fs (loop1): 1 orphan inode deleted
[   88.511363][ T6371] EXT4-fs (loop1): 1 truncate cleaned up
[   88.520521][ T6371] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.584592][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.617593][ T6372] loop2: detected capacity change from 0 to 4096
[   88.633151][ T6372] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[   88.943027][ T6372] ntfs3(loop2): ino=1a, mi_enum_attr
[   88.949630][ T6372] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[   89.166469][ T6389] process 'syz.0.164' launched './file0' with NULL argv: empty string added
[   89.209177][ T6387] loop1: detected capacity change from 0 to 4096
[   89.232325][ T6387] NILFS (loop1): invalid segment: Checksum error in segment payload
[   89.236080][ T6387] NILFS (loop1): trying rollback from an earlier position
[   89.257988][ T6387] NILFS (loop1): recovery complete
[   89.265198][ T6394] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   89.415838][ T6402] loop2: detected capacity change from 0 to 256
[   89.449099][ T6402] FAT-fs (loop2): Directory bread(block 64) failed
[   89.457465][ T6402] FAT-fs (loop2): Directory bread(block 65) failed
[   89.459653][ T6402] FAT-fs (loop2): Directory bread(block 66) failed
[   89.462068][ T6402] FAT-fs (loop2): Directory bread(block 67) failed
[   89.464702][ T6402] FAT-fs (loop2): Directory bread(block 68) failed
[   89.483369][ T6402] FAT-fs (loop2): Directory bread(block 69) failed
[   89.491817][ T6402] FAT-fs (loop2): Directory bread(block 70) failed
[   89.497533][ T6402] FAT-fs (loop2): Directory bread(block 71) failed
[   89.500122][ T6402] FAT-fs (loop2): Directory bread(block 72) failed
[   89.502652][ T6402] FAT-fs (loop2): Directory bread(block 73) failed
[   89.581837][ T6408] loop1: detected capacity change from 0 to 8
[   89.820361][ T6426] capability: warning: `syz.1.181' uses deprecated v2 capabilities in a way that may be insecure
[   89.995358][ T5313] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   90.021333][ T6425] loop0: detected capacity change from 0 to 32768
[   90.026461][ T6425] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.180 (6425)
[   90.037442][ T6425] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   90.040723][ T6425] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   90.150327][ T5313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.159489][ T5313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   90.163468][ T5313] usb 3-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[   90.171923][ T6425] BTRFS info (device loop0): enabling ssd optimizations
[   90.174834][ T6425] BTRFS info (device loop0): enabling free space tree
[   90.177822][ T5313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.183650][ T5313] usb 3-1: config 0 descriptor??
[   90.223058][ T5845] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   90.318722][ T6460] Invalid ELF header magic: != ELF
[   90.448268][ T6463] netlink: 20 bytes leftover after parsing attributes in process `syz.0.190'.
[   90.451193][ T6463] netlink: 4 bytes leftover after parsing attributes in process `syz.0.190'.
[   90.646196][ T5313] hid-led 0003:0FC5:B080.0003: unknown main item tag 0x0
[   90.832921][ T5313] hid-led 0003:0FC5:B080.0003: probe with driver hid-led failed with error -71
[   90.856948][ T5313] usb 3-1: USB disconnect, device number 6
[   91.503512][ T6473] tap0: tun_chr_ioctl cmd 1074025675
[   91.505874][ T6473] tap0: persist enabled
[   91.507813][ T6473] tap0: tun_chr_ioctl cmd 1074025675
[   91.509961][ T6473] tap0: persist disabled
[   91.619351][ T6477] netlink: 'syz.0.197': attribute type 21 has an invalid length.
[   91.632207][ T6479] loop2: detected capacity change from 0 to 256
[   91.652847][ T5920] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   91.711431][ T6481] loop0: detected capacity change from 0 to 512
[   91.805524][ T5920] usb 2-1: Using ep0 maxpacket: 16
[   91.809439][ T5920] usb 2-1: config 0 descriptor has 1 excess byte, ignoring
[   91.812562][ T5920] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 65516, setting to 1024
[   91.817454][ T5920] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[   91.821671][ T5920] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 223
[   91.831092][ T5920] usb 2-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[   91.835642][ T5920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.838239][ T5920] usb 2-1: Product: syz
[   91.839631][ T5920] usb 2-1: Manufacturer: syz
[   91.841058][ T5920] usb 2-1: SerialNumber: syz
[   91.866223][ T5920] usb 2-1: config 0 descriptor??
[   91.870571][ T6471] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   91.873564][ T6471] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   91.992136][    C0] mcba_usb 2-1:0.0 can0: Tx URB aborted (-71)
[   91.995338][ T5920] mcba_usb 2-1:0.0: Microchip CAN BUS Analyzer connected
[   91.997787][    C0] mcba_usb 2-1:0.0 can0: Tx URB aborted (-71)
[   92.119570][ T5913] usb 2-1: USB disconnect, device number 3
[   92.134683][ T5913] mcba_usb 2-1:0.0 can0: device disconnected
[   92.355086][ T5313] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[   92.509699][ T5313] usb 3-1: config 8 has an invalid interface number: 95 but max is 0
[   92.512644][ T5313] usb 3-1: config 8 has no interface number 0
[   92.516760][ T5313] usb 3-1: New USB device found, idVendor=05ac, idProduct=024a, bcdDevice=29.78
[   92.519735][ T5313] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.522257][ T5313] usb 3-1: Product: syz
[   92.523763][ T5313] usb 3-1: Manufacturer: syz
[   92.526159][ T5313] usb 3-1: SerialNumber: syz
[   92.768261][ T5313] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:8.95/input/input4
[   92.786267][ T5280] bcm5974 3-1:8.95: could not read from device
[   92.803136][ T5280] bcm5974 3-1:8.95: could not read from device
[   92.810900][ T5313] usb 3-1: USB disconnect, device number 7
[   93.025334][ T6507] xfrm0: entered promiscuous mode
[   93.027377][ T6507] xfrm0: entered allmulticast mode
[   93.202166][ T6515] loop0: detected capacity change from 0 to 512
[   93.220883][ T6515] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.214: corrupted in-inode xattr: invalid ea_ino
[   93.228180][ T6515] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.214: couldn't read orphan inode 15 (err -117)
[   93.237855][ T6515] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.267848][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.584326][ T6519] loop0: detected capacity change from 0 to 32768
[   93.601083][ T6519] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   93.647198][ T6519] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[   93.660170][ T6519] XFS (loop0): Starting recovery (logdev: internal)
[   93.673019][ T6519] XFS (loop0): Ending recovery (logdev: internal)
[   93.681342][ T6519] XFS (loop0): Quotacheck needed: Please wait.
[   93.704878][ T6519] XFS (loop0): Quotacheck: Done.
[   93.713991][ T6527] loop2: detected capacity change from 0 to 32768
[   93.740636][ T6527] syz.2.219: attempt to access beyond end of device
[   93.740636][ T6527] loop2: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[   93.753980][ T5845] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   93.759740][ T6527] metapage_write_end_io: I/O error
[   93.762170][ T6527] ERROR: (device loop2): release_metapage: metapage_write_one() failed
[   93.762170][ T6527] 
[   93.767889][ T6527] ERROR: (device loop2): remounting filesystem as read-only
[   93.770505][ T6527] ERROR: (device loop2): diWrite: ixpxd invalid
[   93.770505][ T6527] 
[   93.773521][ T6527] ERROR: (device loop2): txCommit: 
[   93.773521][ T6527] 
[   93.780393][ T6527] blkno = 8ed2c, nblocks = 1
[   93.782111][ T6527] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map
[   93.782111][ T6527] 
[   93.787567][ T6527] UFO tlock:0xffffc90001fd2090
[   93.791164][ T6527] ERROR: (device loop2): dtSearch: DT_GETPAGE: dtree page corrupt
[   93.791164][ T6527] 
[   93.795460][ T6527] jfs_lookup: dtSearch returned -5
[   93.813639][  T116] blkno = 8ed2c, nblocks = 4
[   93.816138][  T116] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map
[   93.816138][  T116] 
[   93.820066][ T5853] syz-executor: attempt to access beyond end of device
[   93.820066][ T5853] loop2: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[   93.825413][ T5853] metapage_write_end_io: I/O error
[   93.831755][ T5853] JFS: metapage_get_blocks failed
[   93.840430][ T5853] JFS: metapage_get_blocks failed
[   93.846885][ T5853] JFS: metapage_get_blocks failed
[   93.848753][ T5853] JFS: metapage_get_blocks failed
[   93.980480][ T6539] loop0: detected capacity change from 0 to 1024
[   94.118799][ T6545] tmpfs: Bad value for 'mpol'
[   94.258225][ T6551] loop0: detected capacity change from 0 to 128
[   94.266969][ T6551] EXT4-fs (loop0): Test dummy encryption mode enabled
[   94.277324][ T6551] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   94.284217][ T6551] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   94.378405][ T6551] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[   94.387039][   T33] kauditd_printk_skb: 1 callbacks suppressed
[   94.387053][   T33] audit: type=1800 audit(1759295055.271:13): pid=6551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.227" name="file1" dev="loop0" ino=12 res=0 errno=0
[   94.419360][ T5845] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   94.644651][ T6564] loop2: detected capacity change from 0 to 32768
[   94.666261][ T6564] (syz.2.230,6564,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   94.671030][ T6564] (syz.2.230,6564,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   94.688261][ T6564] JBD2: Ignoring recovery information on journal
[   94.739352][ T6564] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   94.746080][ T6576] loop0: detected capacity change from 0 to 764
[   94.777398][ T6576] rock: directory entry would overflow storage
[   94.784141][ T6576] rock: sig=0x4654, size=5, remaining=4
[   94.824383][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[   95.209163][ T6582] loop2: detected capacity change from 0 to 2048
[   95.242651][ T6582] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   95.257367][   T33] audit: type=1800 audit(1759295056.141:14): pid=6582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.237" name="file1" dev="loop2" ino=1346 res=0 errno=0
[   95.461081][ T6589] proc: Bad value for 'gid'
[   96.305911][ T6599] loop1: detected capacity change from 0 to 32768
[   96.319619][ T6599] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   96.349580][ T6599] XFS (loop1): Ending clean mount
[   96.431392][ T5846] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   96.700816][ T5313] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   96.806952][ T6618] evm: overlay not supported
[   96.856510][ T5313] usb 3-1: Using ep0 maxpacket: 16
[   96.866953][ T5313] usb 3-1: config 0 interface 0 has no altsetting 0
[   96.871120][ T5313] usb 3-1: New USB device found, idVendor=17cc, idProduct=041c, bcdDevice= 0.9c
[   96.874718][ T5313] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.882244][ T5313] usb 3-1: Product: syz
[   96.883957][ T5313] usb 3-1: Manufacturer: syz
[   96.886322][ T5313] usb 3-1: SerialNumber: syz
[   96.890141][ T5313] usb 3-1: config 0 descriptor??
[   96.896439][ T5313] usb 3-1: selecting invalid altsetting 1
[   96.898761][ T5313] snd-usb-caiaq 3-1:0.0: can't set alt interface.
[   96.901189][ T5313] usb 3-1: unable to init card! (ret=-5)
[   96.904426][ T5313] snd-usb-caiaq 3-1:0.0: probe with driver snd-usb-caiaq failed with error -5
[   97.101033][ T5313] usb 3-1: USB disconnect, device number 8
[   97.876944][ T6634] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   97.948342][ T6634] vxcan3: entered allmulticast mode
[   98.913223][ T6662] netlink: 4 bytes leftover after parsing attributes in process `syz.2.265'.
[   99.504621][ T6674] loop0: detected capacity change from 0 to 256
[  100.310520][ T6690] loop1: detected capacity change from 0 to 256
[  100.346030][ T6690] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xc2dc8e67, utbl_chksum : 0xe619d30d)
[  100.463210][ T6694] loop1: detected capacity change from 0 to 256
[  100.470296][ T6694] exfat: Deprecated parameter 'utf8'
[  100.496801][ T6694] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x40a90196, utbl_chksum : 0xe619d30d)
[  101.802895][ T6716] loop2: detected capacity change from 0 to 8192
[  103.033258][ T6731] Bluetooth: MGMT ver 1.23
[  104.162181][ T6751] loop2: detected capacity change from 0 to 1024
[  104.187500][ T6751] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  104.191602][ T6751] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (49802!=20869)
[  104.210631][ T6751] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  104.230167][ T6751] EXT4-fs error (device loop2): ext4_get_journal_inode:5808: inode #5: comm syz.2.301: unexpected bad inode w/o EXT4_IGET_BAD
[  104.238249][ T6751] EXT4-fs (loop2): no journal found
[  104.250952][ T6751] EXT4-fs (loop2): can't get journal size
[  104.296329][ T6751] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.465919][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.705310][ T6760] loop0: detected capacity change from 0 to 4096
[  104.716171][ T6760] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  104.916380][ T6760] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  104.921530][ T6760] ntfs3(loop0): ino=1f, "file2" failed to open parent directory r=5 to update
[  104.953644][   T26] ntfs3(loop0): ino=1f, failed to open parent directory r=5 to update
[  105.133892][  T794] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  105.307314][  T794] usb 3-1: Using ep0 maxpacket: 32
[  105.323161][  T794] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  105.360945][  T794] usb 3-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  105.379407][  T794] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.410545][  T794] usb 3-1: config 0 descriptor??
[  105.858856][  T794] steelseries 0003:1038:1410.0004: collection stack underflow
[  105.862254][  T794] steelseries 0003:1038:1410.0004: item 0 4 0 12 parsing failed
[  105.867307][  T794] steelseries 0003:1038:1410.0004: parse failed
[  105.872165][  T794] steelseries 0003:1038:1410.0004: probe with driver steelseries failed with error -22
[  106.151564][  T794] usb 3-1: USB disconnect, device number 9
[  106.554249][ T6821] loop1: detected capacity change from 0 to 2048
[  106.588598][ T6821] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  106.674129][ T6826] macvlan0: entered promiscuous mode
[  106.706458][ T6826] netlink: 'syz.1.315': attribute type 1 has an invalid length.
[  106.713231][ T6826] netlink: 'syz.1.315': attribute type 2 has an invalid length.
[  106.760390][ T6829] loop2: detected capacity change from 0 to 1024
[  106.766898][ T6829] hfsplus: Unexpected value for 'decompose'
[  107.036990][ T6833] loop2: detected capacity change from 0 to 40427
[  107.051234][ T6833] F2FS-fs (loop2): Image doesn't support compression
[  107.057476][ T6833] F2FS-fs (loop2): build fault injection rate: 690
[  107.069867][ T6833] F2FS-fs (loop2): invalid crc value
[  107.081837][ T6834] loop1: detected capacity change from 0 to 32768
[  107.108503][ T6834] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  107.134267][ T6834] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x50.
[  107.148803][ T6834] XFS (loop1): Tail block (0x29) overwrite detected. Updated to 0x30
[  107.158387][ T6834] XFS (loop1): Ending clean mount
[  107.190131][ T6833] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  107.194821][ T5846] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  107.199110][ T6833] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  107.237274][ T6833] syz.2.318: attempt to access beyond end of device
[  107.237274][ T6833] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  107.255914][ T6833] syz.2.318: attempt to access beyond end of device
[  107.255914][ T6833] loop2: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  107.302745][ T5853] syz-executor: attempt to access beyond end of device
[  107.302745][ T5853] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  107.311771][ T5853] CPU: 0 UID: 0 PID: 5853 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  107.311792][ T5853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  107.311800][ T5853] Call Trace:
[  107.311816][ T5853]  <TASK>
[  107.311830][ T5853]  dump_stack_lvl+0x189/0x250
[  107.311854][ T5853]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.311868][ T5853]  ? __pfx_queue_work_on+0x10/0x10
[  107.311907][ T5853]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  107.311923][ T5853]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  107.311944][ T5853]  f2fs_handle_critical_error+0x37c/0x540
[  107.311963][ T5853]  f2fs_write_end_io+0x886/0xb60
[  107.311989][ T5853]  __submit_merged_bio+0x27a/0x6a0
[  107.312006][ T5853]  __submit_merged_write_cond+0x255/0x530
[  107.312030][ T5853]  f2fs_write_data_pages+0x261d/0x3000
[  107.312049][ T5853]  ? __lock_acquire+0xab9/0xd20
[  107.312088][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  107.312132][ T5853]  ? check_path+0x21/0x40
[  107.312143][ T5853]  ? check_noncircular+0xe0/0x160
[  107.312189][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  107.312205][ T5853]  do_writepages+0x32e/0x550
[  107.312224][ T5853]  ? do_raw_spin_unlock+0x4d/0x240
[  107.312235][ T5853]  filemap_fdatawrite+0x199/0x240
[  107.312245][ T5853]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  107.312274][ T5853]  ? do_raw_spin_unlock+0x4d/0x240
[  107.312284][ T5853]  f2fs_sync_dirty_inodes+0x31f/0x830
[  107.312302][ T5853]  f2fs_write_checkpoint+0x93e/0x2440
[  107.312312][ T5853]  ? __lock_acquire+0xab9/0xd20
[  107.312335][ T5853]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  107.312369][ T5853]  kill_f2fs_super+0x2cc/0x6d0
[  107.312383][ T5853]  ? __pfx_kill_f2fs_super+0x10/0x10
[  107.312400][ T5853]  ? shrinker_free+0x2ce/0x3e0
[  107.312414][ T5853]  deactivate_locked_super+0xbc/0x130
[  107.312429][ T5853]  cleanup_mnt+0x425/0x4c0
[  107.312441][ T5853]  ? lockdep_hardirqs_on+0x9c/0x150
[  107.312452][ T5853]  task_work_run+0x1d4/0x260
[  107.312464][ T5853]  ? __pfx_task_work_run+0x10/0x10
[  107.312472][ T5853]  ? __x64_sys_umount+0x122/0x160
[  107.312482][ T5853]  ? exit_to_user_mode_loop+0x40/0x130
[  107.312495][ T5853]  exit_to_user_mode_loop+0xe9/0x130
[  107.312505][ T5853]  do_syscall_64+0x2bd/0xfa0
[  107.312516][ T5853]  ? lockdep_hardirqs_on+0x9c/0x150
[  107.312524][ T5853]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.312532][ T5853]  ? exc_page_fault+0xab/0x100
[  107.312542][ T5853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.312549][ T5853] RIP: 0033:0x7ffadf38ff57
[  107.312558][ T5853] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  107.312565][ T5853] RSP: 002b:00007ffdcb1e08f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  107.312575][ T5853] RAX: 0000000000000000 RBX: 00007ffadf411c2d RCX: 00007ffadf38ff57
[  107.312580][ T5853] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdcb1e09b0
[  107.312584][ T5853] RBP: 00007ffdcb1e09b0 R08: 0000000000000000 R09: 0000000000000000
[  107.312589][ T5853] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdcb1e1a40
[  107.312594][ T5853] R13: 00007ffadf411c2d R14: 000000000001a297 R15: 00007ffdcb1e1a80
[  107.312607][ T5853]  </TASK>
[  107.312611][ T5853] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  107.653556][ T6853] loop1: detected capacity change from 0 to 32768
[  107.683262][ T6853] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  107.716803][ T6853] XFS (loop1): Ending clean mount
[  107.721816][ T6853] XFS (loop1): Quotacheck needed: Please wait.
[  107.750572][ T6853] XFS (loop1): Quotacheck: Done.
[  107.784418][ T5846] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  107.989733][ T6872] netlink: del zone limit has 4 unknown bytes
[  108.192563][ T6877] loop1: detected capacity change from 0 to 32768
[  108.222318][ T6877] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  108.225672][ T6877] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  108.259568][ T6877] XFS (loop1): Ending clean mount
[  108.265101][ T6877] XFS (loop1): Quotacheck needed: Please wait.
[  108.290155][ T6877] XFS (loop1): Quotacheck: Done.
[  108.293650][ T6877] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  108.308374][ T6892] syzkaller1: entered promiscuous mode
[  108.310261][ T6892] syzkaller1: entered allmulticast mode
[  108.505494][ T6894] 8021q: adding VLAN 0 to HW filter on device bond1
[  108.509237][ T6894] bridge0: port 3(bond1) entered blocking state
[  108.511959][ T6894] bridge0: port 3(bond1) entered disabled state
[  108.514708][ T6894] bond1: entered allmulticast mode
[  108.520050][ T6894] bond1: entered promiscuous mode
[  108.523132][ T6894] bridge0: port 3(bond1) entered blocking state
[  108.526200][ T6894] bridge0: port 3(bond1) entered forwarding state
[  108.761056][ T6903] loop2: detected capacity change from 0 to 2048
[  108.788353][ T6903] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  108.793271][ T6903] UDF-fs: Scanning with blocksize 512 failed
[  108.802944][ T6903] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  108.814919][   T33] audit: type=1800 audit(1759295069.691:15): pid=6903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.337" name="file1" dev="loop2" ino=818 res=0 errno=0
[  109.380109][ T6792] bridge0: port 3(bond1) entered disabled state
[  109.392849][ T6912] Driver unsupported XDP return value 0 on prog  (id 34) dev N/A, expect packet loss!
[  110.441683][ T6919] loop1: detected capacity change from 0 to 4096
[  110.446217][ T6919] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  110.468084][ T6919] ntfs3(loop1): ino=19, mi_enum_attr
[  110.473025][ T6919] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  110.511740][ T6919] ntfs3(loop1): failed to convert "c46c" to iso8859-1
[  110.519686][ T6919] ntfs3(loop1): ino=20, mi_enum_attr
[  110.832158][ T6925] loop0: detected capacity change from 0 to 32768
[  110.871500][ T6925] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  110.887785][ T6925] XFS (loop0): Ending clean mount
[  112.332794][ T5845] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  112.492762][ T6939] loop2: detected capacity change from 0 to 512
[  112.499822][ T6939] EXT4-fs: Ignoring removed nomblk_io_submit option
[  112.515455][ T6939] EXT4-fs: Ignoring removed bh option
[  112.532204][ T6939] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  112.555957][ T6939] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #11: comm syz.2.351: corrupted inode contents
[  112.560832][ T6939] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #11: comm syz.2.351: mark_inode_dirty error
[  112.569609][ T6939] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.351: invalid indirect mapped block 1 (level 1)
[  112.574441][ T6939] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #11: comm syz.2.351: corrupted inode contents
[  112.583055][ T6939] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[  112.586902][ T6939] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #11: comm syz.2.351: corrupted inode contents
[  112.591531][ T6939] EXT4-fs error (device loop2): ext4_truncate:4637: inode #11: comm syz.2.351: mark_inode_dirty error
[  112.596782][ T6939] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[  112.599953][ T6939] EXT4-fs (loop2): 1 truncate cleaned up
[  112.602537][ T6939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.628381][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.674875][ T6945] loop0: detected capacity change from 0 to 128
[  112.701386][ T6945] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  112.724370][ T6945] ext4 filesystem being mounted at /93/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  112.787639][ T6948] netlink: 264 bytes leftover after parsing attributes in process `syz.2.353'.
[  112.790997][ T6937] loop1: detected capacity change from 0 to 32768
[  112.804406][ T5845] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  112.976379][ T5850] Bluetooth: hci2: link tx timeout
[  112.978648][ T5850] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  112.985813][ T5855] Bluetooth: hci2: link tx timeout
[  112.987831][ T5855] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  113.695125][ T5313] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  113.855270][ T5313] usb 3-1: Using ep0 maxpacket: 8
[  113.863473][ T5313] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  113.867676][ T5313] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.871569][ T5313] usb 3-1: Product: syz
[  113.873525][ T5313] usb 3-1: Manufacturer: syz
[  113.876304][ T5313] usb 3-1: SerialNumber: syz
[  113.881515][ T5313] usb 3-1: config 0 descriptor??
[  114.089792][ T6975] loop1: detected capacity change from 0 to 256
[  114.090245][ T5313] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  114.165983][ T6977] loop1: detected capacity change from 0 to 512
[  114.202140][ T6977] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.207231][ T6977] ext4 filesystem being mounted at /137/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  114.239615][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.499994][ T5313] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  114.512917][ T5313] usb 3-1: USB disconnect, device number 10
[  115.045260][ T5855] Bluetooth: hci2: command 0x0406 tx timeout
[  115.118987][ T6989] loop2: detected capacity change from 0 to 2048
[  115.129421][ T6989] hpfs: hpfs_map_sector(): read error
[  115.263075][ T6994] loop2: detected capacity change from 0 to 4096
[  115.269927][ T6994] EXT4-fs (loop2): Test dummy encryption mode enabled
[  115.279154][ T6994] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  115.282353][ T6994] System zones: 0-5
[  115.290314][ T6994] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.384263][ T6994] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  115.427852][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.522678][ T7012] loop2: detected capacity change from 0 to 1024
[  115.578576][ T6810] hfsplus: b-tree write err: -5, ino 4
[  116.676057][ T7051] loop1: detected capacity change from 0 to 128
[  116.688574][ T7051] FAT-fs (loop1): Directory bread(block 414) failed
[  116.697481][ T7051] FAT-fs (loop1): Directory bread(block 415) failed
[  116.700119][ T7051] FAT-fs (loop1): Directory bread(block 416) failed
[  116.702816][ T7051] FAT-fs (loop1): Directory bread(block 417) failed
[  116.707006][ T7051] FAT-fs (loop1): Directory bread(block 418) failed
[  116.709871][ T7051] FAT-fs (loop1): Directory bread(block 419) failed
[  116.712566][ T7051] FAT-fs (loop1): Directory bread(block 420) failed
[  116.716497][ T7051] FAT-fs (loop1): Directory bread(block 421) failed
[  116.723509][ T7051] netlink: 16 bytes leftover after parsing attributes in process `syz.1.393'.
[  116.839957][ T7054] loop1: detected capacity change from 0 to 2048
[  116.844463][ T7054] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  117.003709][ T7063] loop2: detected capacity change from 0 to 256
[  117.023498][ T7063] FAT-fs (loop2): Directory bread(block 64) failed
[  117.026230][ T7063] FAT-fs (loop2): Directory bread(block 65) failed
[  117.029024][ T7063] FAT-fs (loop2): Directory bread(block 66) failed
[  117.031609][ T7063] FAT-fs (loop2): Directory bread(block 67) failed
[  117.034300][ T7063] FAT-fs (loop2): Directory bread(block 68) failed
[  117.039187][ T7063] FAT-fs (loop2): Directory bread(block 69) failed
[  117.049581][ T7063] FAT-fs (loop2): Directory bread(block 70) failed
[  117.052140][ T7063] FAT-fs (loop2): Directory bread(block 71) failed
[  117.054690][ T7063] FAT-fs (loop2): Directory bread(block 72) failed
[  117.066293][ T7063] FAT-fs (loop2): Directory bread(block 73) failed
[  117.079333][ T7065] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  117.085883][ T7065] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  117.525293][ T5313] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[  117.653267][ T7095] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  117.699486][ T5313] usb 3-1: unable to get BOS descriptor or descriptor too short
[  117.702930][ T5313] usb 3-1: not running at top speed; connect to a high speed hub
[  117.703827][ T7097] netlink: 8 bytes leftover after parsing attributes in process `syz.1.415'.
[  117.711009][ T5313] usb 3-1: config 1 interface 0 has no altsetting 0
[  117.718155][ T5313] usb 3-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.40
[  117.721442][ T5313] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.724287][ T5313] usb 3-1: Product: syz
[  117.725921][ T5313] usb 3-1: Manufacturer: syz
[  117.727709][ T5313] usb 3-1: SerialNumber: syz
[  117.756536][ T7099] loop1: detected capacity change from 0 to 64
[  117.769675][ T7099] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  117.958273][ T5313] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input6
[  117.965154][ T5280] bcm5974 3-1:1.0: could not read from device
[  117.971407][ T5280] bcm5974 3-1:1.0: could not read from device
[  117.976813][ T5313] usb 3-1: USB disconnect, device number 11
[  117.981661][ T5280] bcm5974 3-1:1.0: could not read from device
[  118.032933][ T6120] udevd[6120]: Error opening device "/dev/input/event3": No such file or directory
[  118.037887][ T6120] udevd[6120]: Unable to EVIOCGABS device "/dev/input/event3"
[  118.042686][ T6120] udevd[6120]: Unable to EVIOCGABS device "/dev/input/event3"
[  118.048783][ T6120] udevd[6120]: Unable to EVIOCGABS device "/dev/input/event3"
[  118.051832][ T6120] udevd[6120]: Unable to EVIOCGABS device "/dev/input/event3"
[  118.083030][ T7111] loop1: detected capacity change from 0 to 128
[  118.207657][ T7115] loop1: detected capacity change from 0 to 4096
[  118.226459][ T7116] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  118.311081][ T7118] loop1: detected capacity change from 0 to 512
[  118.313829][ T7118] EXT4-fs: Ignoring removed i_version option
[  118.320677][ T7118] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  118.324544][ T7118] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  118.331137][ T7118] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  118.335885][ T7118] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=8002e01c, mo2=0006]
[  118.340045][ T7118] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.351751][ T7118] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  118.366509][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.507987][ T7125] loop2: detected capacity change from 0 to 764
[  118.528191][ T7125] rock: directory entry would overflow storage
[  118.530437][ T7125] rock: sig=0x4654, size=5, remaining=4
[  118.600182][ T7127] loop2: detected capacity change from 0 to 1024
[  118.627185][   T33] audit: type=1800 audit(1759295079.511:16): pid=7127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.429" name="file1" dev="loop2" ino=26 res=0 errno=0
[  118.715140][ T7131] loop2: detected capacity change from 0 to 1024
[  118.726732][ T7131] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.734271][ T7131] EXT4-fs: test_dummy_encryption requires encrypt feature
[  118.735104][ T5898] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  118.758666][ T5850] Bluetooth: hci2: unexpected event for opcode 0x2005
[  118.903578][ T5898] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  118.912458][ T5898] usb 2-1: config 0 has no interface number 0
[  118.920426][ T5898] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  118.923821][ T5898] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.929948][ T5898] usb 2-1: Product: syz
[  118.931783][ T5898] usb 2-1: Manufacturer: syz
[  118.934694][ T5898] usb 2-1: SerialNumber: syz
[  118.944467][ T5898] usb 2-1: config 0 descriptor??
[  118.963747][ T7136] SQUASHFS error: Failed to read block 0x0: -5
[  118.965812][ T7136] unable to read squashfs_super_block
[  119.159381][ T5898] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  119.174019][ T5898] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  119.178295][ T5898] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  119.181108][ T5898] usb 2-1: media controller created
[  119.233294][ T5898] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  119.363518][ T5898] i2c i2c-2: ec100: i2c rd failed=-71 reg=33
[  119.518498][ T5898] usb 2-1: USB disconnect, device number 4
[  120.000223][ T5850] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  120.010034][ T7140] loop2: detected capacity change from 0 to 512
[  120.014666][ T7140] EXT4-fs: Ignoring removed oldalloc option
[  120.027295][ T7140] EXT4-fs warning (device loop2): dx_probe:861: inode #2: comm syz.2.435: dx entry: limit 1024 != root limit 124
[  120.031282][ T7140] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.435: Corrupt directory, running e2fsck is recommended
[  120.041421][ T7140] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  120.044579][ T7140] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.435: corrupted in-inode xattr: invalid ea_ino
[  120.049319][ T7140] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.435: couldn't read orphan inode 15 (err -117)
[  120.054795][ T7140] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.078419][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.875394][ T7172] loop2: detected capacity change from 0 to 8
[  121.903279][ T7172] SQUASHFS error: lzo decompression failed, data probably corrupt
[  121.907057][ T7172] SQUASHFS error: Failed to read block 0x91: -5
[  121.909433][ T7172] SQUASHFS error: Unable to read metadata cache entry [8f]
[  121.912386][ T7172] SQUASHFS error: Unable to read inode 0x11f
[  121.952605][ T7172] loop2: detected capacity change from 0 to 8
[  122.075846][ T7172] unable to read fragment index table
[  122.468725][ T7176] loop0: detected capacity change from 0 to 4096
[  122.542101][ T7176] NILFS (loop0): invalid segment: Checksum error in segment payload
[  122.560944][ T7176] NILFS (loop0): trying rollback from an earlier position
[  122.593570][ T7178] loop2: detected capacity change from 0 to 512
[  122.609366][ T7178] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.449: bg 0: block 5: invalid block bitmap
[  122.613097][ T7176] NILFS (loop0): recovery complete
[  122.615813][ T7178] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  122.624576][ T7178] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.449: invalid indirect mapped block 4294967295 (level 1)
[  122.643649][ T7178] EXT4-fs (loop2): 1 orphan inode deleted
[  122.646558][ T7181] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  122.651590][ T7178] EXT4-fs (loop2): 1 truncate cleaned up
[  122.658083][ T7178] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.720121][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.116484][ T5898] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  123.275607][ T5898] usb 3-1: Using ep0 maxpacket: 32
[  123.285505][ T5898] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.297597][ T5898] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.308650][ T5898] usb 3-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  123.320027][ T7197] loop0: detected capacity change from 0 to 512
[  123.322576][ T5898] usb 3-1: config 0 interface 0 has no altsetting 0
[  123.325603][ T5898] usb 3-1: New USB device found, idVendor=04b3, idProduct=3109, bcdDevice= 0.00
[  123.338737][ T7197] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  123.342578][ T5898] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.364411][ T7197] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.456: invalid indirect mapped block 83886080 (level 1)
[  123.371596][ T5898] usb 3-1: config 0 descriptor??
[  123.399658][ T7197] EXT4-fs (loop0): Remounting filesystem read-only
[  123.412117][ T7197] EXT4-fs (loop0): 1 orphan inode deleted
[  123.421309][ T7197] EXT4-fs (loop0): 1 truncate cleaned up
[  123.427838][ T7197] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.470451][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.792511][ T5898] lenovo 0003:04B3:3109.0005: reserved main item tag 0xd
[  123.822489][ T5898] lenovo 0003:04B3:3109.0005: hidraw0: USB HID v5f.b2 Device [HID 04b3:3109] on usb-dummy_hcd.2-1/input0
[  123.985985][ T5898] usb 3-1: USB disconnect, device number 12
[  124.814318][ T7217] loop1: detected capacity change from 0 to 512
[  124.836828][ T7217] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  124.857881][ T7217] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  124.861134][ T7217] System zones: 1-12
[  124.868370][ T7217] EXT4-fs (loop1): 1 truncate cleaned up
[  124.871906][ T7217] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.918893][ T7225] loop0: detected capacity change from 0 to 256
[  124.942398][ T7225] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  124.952712][ T7225] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  124.990378][ T7225] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  125.026365][ T7225] exFAT-fs (loop0): failed to load alloc-bitmap
[  125.029754][ T7225] exFAT-fs (loop0): failed to recognize exfat type
[  125.102524][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.805513][ T5898] usb 2-1: new low-speed USB device number 5 using dummy_hcd
[  125.978285][ T5898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.982459][ T5898] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0014, bcdDevice= 0.00
[  125.995192][ T5898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.006996][ T5898] usb 2-1: config 0 descriptor??
[  126.109102][ T7244] loop2: detected capacity change from 0 to 131072
[  126.116089][ T7244] F2FS-fs (loop2): Test dummy encryption mode enabled
[  126.122221][ T7244] F2FS-fs (loop2): invalid crc value
[  126.170518][ T7244] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  126.177490][ T7244] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  126.450025][ T5898] cmedia_hs100b 0003:0D8C:0014.0006: hidraw0: USB HID v0.00 Device [HID 0d8c:0014] on usb-dummy_hcd.1-1/input0
[  126.648115][ T5898] usb 2-1: USB disconnect, device number 5
[  127.268836][ T7266] loop1: detected capacity change from 0 to 736
[  127.282173][ T7262] loop0: detected capacity change from 0 to 131072
[  127.334171][ T7266] rock: directory entry would overflow storage
[  127.341409][ T7266] rock: sig=0x3b10, size=4, remaining=3
[  127.365560][ T7262] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  127.370059][ T7262] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  127.384287][ T7262] F2FS-fs (loop0): recover xattr in inode (7), error(0)
[  127.387494][ T7262] F2FS-fs (loop0): set inode (7) has corrupted xattr
[  127.402430][ T7262] F2FS-fs (loop0): lookup inode (7) has corrupted xattr
[  127.692339][ T7276] loop1: detected capacity change from 0 to 4096
[  127.749816][ T7277] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  128.118873][ T7286] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  128.136241][ T5884] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  128.415936][ T5884] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  128.420111][ T5884] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  128.423403][ T5884] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.467679][ T5884] usb 2-1: config 0 descriptor??
[  128.481457][ T7279] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  128.975953][ T5884] elan 0003:04F3:0755.0007: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[  130.263530][ T7298] loop2: detected capacity change from 0 to 131072
[  130.315404][ T7298] F2FS-fs (loop2): invalid crc value
[  130.617037][ T7298] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  130.626774][ T7298] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  130.698913][ T7298] F2FS-fs (loop2): f2fs_lookup: inode (ino=4) has zero i_nlink
[  131.905876][ T5898] usb 2-1: USB disconnect, device number 6
[  132.334189][ T7316] loop0: detected capacity change from 0 to 32768
[  132.383684][ T7316] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  132.410355][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  132.412364][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  132.417221][ T7316] XFS (loop0): Ending clean mount
[  132.428524][ T7316] XFS (loop0): Quotacheck needed: Please wait.
[  132.474394][ T7316] XFS (loop0): Quotacheck: Done.
[  133.270283][ T5845] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  133.331519][ T7339] loop2: detected capacity change from 0 to 1024
[  133.446459][ T6785] hfsplus: b-tree write err: -5, ino 4
[  133.759217][ T7354] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  134.064156][ T7361] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.512'.
[  134.347791][  T794] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  134.495312][  T794] usb 3-1: Using ep0 maxpacket: 32
[  134.498995][  T794] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.505019][  T794] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.508263][  T794] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  134.511075][  T794] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.516721][  T794] usb 3-1: config 0 descriptor??
[  134.656621][ T7367] loop1: detected capacity change from 0 to 32768
[  134.660570][ T7367] btrfs: Unknown parameter 'ref_verify'
[  134.792663][ T7371] netlink: 4 bytes leftover after parsing attributes in process `syz.1.517'.
[  134.798556][ T7371] netlink: 'syz.1.517': attribute type 15 has an invalid length.
[  134.803672][ T7371] netlink: 'syz.1.517': attribute type 18 has an invalid length.
[  134.833674][ T7371] vxlan0: entered promiscuous mode
[  134.845155][ T5862] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  134.854063][ T5862] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  134.860773][ T5862] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  134.864194][ T5862] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  134.948552][  T794] ft260 0003:0403:6030.0008: unknown main item tag 0x7
[  135.131903][  T794] ft260 0003:0403:6030.0008: chip code: 6424 8183
[  135.146552][ T7379] loop0: detected capacity change from 0 to 8192
[  135.218566][ T7379] FAT-fs (loop0): error, clusters badly computed (2 != 1)
[  135.222064][ T7379] FAT-fs (loop0): Filesystem has been set read-only
[  135.333770][  T794] ft260 0003:0403:6030.0008: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.2-1/input0
[  135.450409][ T7385] netlink: 'syz.0.524': attribute type 1 has an invalid length.
[  135.534277][  T794] ft260 0003:0403:6030.0008: failed to retrieve status: -71, no wakeup
[  135.538235][  T794] ft260 0003:0403:6030.0008: failed to retrieve status: -71
[  135.541527][  T794] ft260 0003:0403:6030.0008: failed to reset I2C controller: -71
[  135.554928][  T794] usb 3-1: USB disconnect, device number 13
[  136.234177][ T7405] netlink: 8 bytes leftover after parsing attributes in process `syz.0.533'.
[  136.244937][ T7405] veth0_to_bond: entered allmulticast mode
[  136.263770][ T7405] netlink: 8 bytes leftover after parsing attributes in process `syz.0.533'.
[  136.771878][ T7421] netlink: 204 bytes leftover after parsing attributes in process `syz.2.538'.
[  136.777123][ T7421] netlink: 72 bytes leftover after parsing attributes in process `syz.2.538'.
[  136.780585][ T7421] netlink: 24 bytes leftover after parsing attributes in process `syz.2.538'.
[  137.115781][ T7429] loop0: detected capacity change from 0 to 512
[  137.130935][ T7429] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  137.303866][ T7442] loop0: detected capacity change from 0 to 2048
[  137.319872][ T7442] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  137.608842][ T7467] 9pnet_fd: Insufficient options for proto=fd
[  138.726192][ T7492] netlink: 4 bytes leftover after parsing attributes in process `syz.2.570'.
[  138.828155][ T7497] Invalid ELF header magic: != ELF
[  139.403157][ T7503] loop1: detected capacity change from 0 to 512
[  139.440778][ T7503] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.452681][ T7503] ext4 filesystem being mounted at /215/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  139.489948][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.134108][ T7515] loop2: detected capacity change from 0 to 1024
[  140.191504][ T7515] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  140.198922][ T7515] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.248497][ T7515] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.578: Freeing blocks not in datazone - block = 0, count = 16
[  140.262389][ T7515] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  140.360440][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  142.239211][ T7543] loop0: detected capacity change from 0 to 512
[  142.725239][ T5898] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  142.876816][ T5898] usb 2-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  142.880962][ T5898] usb 2-1: config 0 interface 0 has no altsetting 0
[  142.891747][ T5898] usb 2-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  142.905076][ T5898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.911632][ T5898] usb 2-1: config 0 descriptor??
[  143.225435][ T5313] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  143.734025][ T5898] logitech 0003:046D:C29C.0009: hidraw0: USB HID v1.01 Device [HID 046d:c29c] on usb-dummy_hcd.1-1/input0
[  143.745129][ T5313] usb 3-1: Using ep0 maxpacket: 32
[  143.751244][ T5313] usb 3-1: New USB device found, idVendor=2040, idProduct=4901, bcdDevice=47.77
[  143.754943][ T5313] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.758719][ T5313] usb 3-1: Product: syz
[  143.760594][ T5313] usb 3-1: Manufacturer: syz
[  143.762604][ T5313] usb 3-1: SerialNumber: syz
[  143.771448][ T5313] usb 3-1: config 0 descriptor??
[  143.780436][ T5313] hdpvr 3-1:0.0: Could not find bulk-in endpoint
[  143.783067][ T5313] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -12
[  143.946494][ T5898] logitech 0003:046D:C29C.0009: no inputs found
[  143.956774][ T5898] usb 2-1: USB disconnect, device number 7
[  143.989056][ T5313] usb 3-1: USB disconnect, device number 14
[  144.295461][ T7586] loop0: detected capacity change from 0 to 32768
[  144.299906][ T7586] BTRFS warning: excessive commit interval 2147483647, use with care
[  144.304124][ T7586] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.607 (7586)
[  144.320497][ T7586] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  144.324421][ T7586] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  144.363351][ T7586] BTRFS info (device loop0): rebuilding free space tree
[  144.384309][ T7586] BTRFS info (device loop0): setting nodatasum
[  144.389528][ T7586] BTRFS info (device loop0): enabling ssd optimizations
[  144.392461][ T7586] BTRFS info (device loop0): turning off barriers
[  144.395982][ T7586] BTRFS info (device loop0): turning on flush-on-commit
[  144.398744][ T7586] BTRFS info (device loop0): enabling free space tree
[  144.401554][ T7586] BTRFS info (device loop0): force clearing of disk cache
[  144.404377][ T7586] BTRFS info (device loop0): max_inline set to 0
[  144.489200][ T5845] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  144.580375][ T7604] loop1: detected capacity change from 0 to 4096
[  144.610848][ T7604] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  144.613247][ T7604] ntfs3(loop1): Failed to load $Extend (-22).
[  144.622334][ T7604] ntfs3(loop1): Failed to initialize $Extend.
[  144.654786][ T7604] ntfs3(loop1): ino=1e, mi_enum_attr
[  144.974355][ T7608] loop2: detected capacity change from 0 to 32768
[  144.988911][ T7608] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  145.004009][ T7608] XFS (loop2): Ending clean mount
[  145.024764][ T5853] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  145.143422][   T33] audit: type=1326 audit(1759295106.011:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.1.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7df8f8ec29 code=0x7ffc0000
[  145.165141][   T33] audit: type=1326 audit(1759295106.011:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.1.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7df8f8ec29 code=0x7ffc0000
[  145.171538][   T33] audit: type=1326 audit(1759295106.011:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.1.619" exe="/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f7df8f8ec29 code=0x7ffc0000
[  145.208655][   T33] audit: type=1326 audit(1759295106.011:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.1.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7df8f8ec29 code=0x7ffc0000
[  145.225226][   T33] audit: type=1326 audit(1759295106.011:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.1.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7df8f8ec29 code=0x7ffc0000
[  145.433796][ T7645] loop2: detected capacity change from 0 to 40427
[  145.453785][ T7645] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  145.456347][ T7645] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  145.462623][ T7645] F2FS-fs (loop2): invalid crc value
[  145.574563][ T7645] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  145.585651][ T7645] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  145.588288][ T7645] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  146.280397][ T7661] netlink: 128 bytes leftover after parsing attributes in process `syz.0.626'.
[  146.289083][ T7661] netlink: 20 bytes leftover after parsing attributes in process `syz.0.626'.
[  147.759758][ T7683] loop2: detected capacity change from 0 to 256
[  147.805394][   T33] audit: type=1800 audit(1759295108.681:22): pid=7683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.637" name="file1" dev="loop2" ino=1048661 res=0 errno=0
[  148.095537][ T7694] netlink: 252 bytes leftover after parsing attributes in process `syz.2.642'.
[  148.099701][ T7694] netlink: 12 bytes leftover after parsing attributes in process `syz.2.642'.
[  149.644775][ T7711] loop2: detected capacity change from 0 to 32768
[  149.653957][ T7711] jfs_mount: diMount(ipaimap2) failed, rc = -5
[  149.664585][ T7711] Mount JFS Failure: -5
[  149.667045][ T7711] jfs_mount failed w/return code = -5
[  149.813022][ T7719] loop0: detected capacity change from 0 to 512
[  149.825673][ T7719] EXT4-fs: Ignoring removed nomblk_io_submit option
[  149.835093][ T7719] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  149.855596][ T7719] EXT4-fs (loop0): orphan cleanup on readonly fs
[  149.860887][ T7719] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  149.864069][ T7719] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  149.893034][ T7719] EXT4-fs (loop0): 1 truncate cleaned up
[  149.905890][ T7719] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  149.917456][ T7719] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.020016][ T7728] loop1: detected capacity change from 0 to 2048
[  150.076571][ T5295]  loop1: p3 p4 < >
[  150.078765][ T5295] loop1: p3 start 11362048 is beyond EOD, truncated
[  150.755115][ T5912] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  150.917196][ T5912] usb 3-1: unable to get BOS descriptor or descriptor too short
[  150.920743][ T5912] usb 3-1: not running at top speed; connect to a high speed hub
[  150.924765][ T5912] usb 3-1: config 8 has an invalid interface number: 24 but max is 0
[  150.927852][ T5912] usb 3-1: config 8 has no interface number 0
[  150.929802][ T5912] usb 3-1: config 8 interface 24 has no altsetting 0
[  150.935988][ T5912] usb 3-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af
[  150.945700][ T5912] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.948300][ T5912] usb 3-1: Product: syz
[  150.949497][ T5912] usb 3-1: Manufacturer: syz
[  150.964771][ T5912] usb 3-1: SerialNumber: syz
[  151.003949][ T5852] udevd[5852]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  151.121713][ T7726] loop0: detected capacity change from 0 to 262144
[  151.131462][ T7726] F2FS-fs (loop0): invalid crc value
[  151.218702][ T5912] vmk80xx 3-1:8.24: driver 'vmk80xx' failed to auto-configure device.
[  151.234057][ T7726] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  151.240262][ T5912] usb 3-1: USB disconnect, device number 15
[  151.249876][ T7726] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  152.110429][ T7776] loop1: detected capacity change from 0 to 256
[  152.265667][ T5898] usb 3-1: new full-speed USB device number 16 using dummy_hcd
[  152.582450][ T5898] usb 3-1: unable to get BOS descriptor or descriptor too short
[  152.586959][ T5898] usb 3-1: not running at top speed; connect to a high speed hub
[  152.591832][ T5898] usb 3-1: config 6 has an invalid interface number: 208 but max is 0
[  152.595156][ T5898] usb 3-1: config 6 has no interface number 0
[  152.597570][ T5898] usb 3-1: config 6 interface 208 has no altsetting 0
[  152.602401][ T5898] usb 3-1: New USB device found, idVendor=1410, idProduct=9010, bcdDevice=23.c2
[  152.606942][ T5898] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.609966][ T5898] usb 3-1: Product: syz
[  152.611612][ T5898] usb 3-1: Manufacturer: syz
[  152.613447][ T5898] usb 3-1: SerialNumber: syz
[  152.911894][ T5884] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  152.944916][ T5898] qmi_wwan 3-1:6.208: invalid descriptor buffer length
[  152.951484][ T5898] qmi_wwan 3-1:6.208: probe with driver qmi_wwan failed with error -22
[  152.960528][ T5898] usb 3-1: USB disconnect, device number 16
[  153.065145][ T5884] usb 2-1: Using ep0 maxpacket: 16
[  153.071910][ T5884] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  153.075686][ T5884] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.079298][ T5884] usb 2-1: Product: syz
[  153.081041][ T5884] usb 2-1: Manufacturer: syz
[  153.082905][ T5884] usb 2-1: SerialNumber: syz
[  153.088259][ T5884] usb 2-1: config 0 descriptor??
[  153.563613][ T5884] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  153.576875][ T5884] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  153.580688][ T5884] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  153.583329][ T5884] usb 2-1: media controller created
[  153.596163][ T5884] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  153.787794][   T33] audit: type=1326 audit(1759295114.671:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7802 comm="syz.2.688" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffadf38ec29 code=0x0
[  153.824327][ T5884] zl10353_read_register: readreg error (reg=127, ret==0)
[  153.833065][ T5884] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  153.842647][ T5884] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  153.865431][ T5884] usb 2-1: USB disconnect, device number 8
[  153.965625][ T5884] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  154.635810][ T7815] loop2: detected capacity change from 0 to 128
[  155.000705][ T7840] loop1: detected capacity change from 0 to 256
[  155.031468][ T7840] FAT-fs (loop1): Directory bread(block 64) failed
[  155.035763][ T7840] FAT-fs (loop1): Directory bread(block 65) failed
[  155.038368][ T7840] FAT-fs (loop1): Directory bread(block 66) failed
[  155.040911][ T7840] FAT-fs (loop1): Directory bread(block 67) failed
[  155.043365][ T7840] FAT-fs (loop1): Directory bread(block 68) failed
[  155.070422][ T7840] FAT-fs (loop1): Directory bread(block 69) failed
[  155.073659][ T7840] FAT-fs (loop1): Directory bread(block 70) failed
[  155.077478][ T7840] FAT-fs (loop1): Directory bread(block 71) failed
[  155.080199][ T7840] FAT-fs (loop1): Directory bread(block 72) failed
[  155.082789][ T7840] FAT-fs (loop1): Directory bread(block 73) failed
[  156.731029][ T7855] syz.1.708 (7855): drop_caches: 2
[  157.878844][ T7877] loop2: detected capacity change from 0 to 40427
[  157.893228][ T7877] F2FS-fs (loop2): invalid crc value
[  157.948727][ T7877] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  157.956512][ T7877] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  157.975421][   T33] audit: type=1800 audit(1759295118.851:24): pid=7877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.717" name="file1" dev="loop2" ino=10 res=0 errno=0
[  158.013899][ T5853] syz-executor: attempt to access beyond end of device
[  158.013899][ T5853] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  158.020195][ T5853] CPU: 1 UID: 0 PID: 5853 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  158.020214][ T5853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  158.020223][ T5853] Call Trace:
[  158.020228][ T5853]  <TASK>
[  158.020236][ T5853]  dump_stack_lvl+0x189/0x250
[  158.020263][ T5853]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.020277][ T5853]  ? __pfx_queue_work_on+0x10/0x10
[  158.020289][ T5853]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  158.020305][ T5853]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  158.020325][ T5853]  f2fs_handle_critical_error+0x37c/0x540
[  158.020343][ T5853]  f2fs_write_end_io+0x886/0xb60
[  158.020371][ T5853]  __submit_merged_bio+0x27a/0x6a0
[  158.020391][ T5853]  __submit_merged_write_cond+0x255/0x530
[  158.020413][ T5853]  f2fs_write_data_pages+0x261d/0x3000
[  158.020452][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  158.020512][ T5853]  ? folio_unqueue_deferred_split+0x93/0x230
[  158.020533][ T5853]  ? folios_put_refs+0x584/0x670
[  158.020559][ T5853]  ? __lock_acquire+0xab9/0xd20
[  158.020583][ T5853]  ? do_raw_spin_lock+0x121/0x290
[  158.020603][ T5853]  ? do_raw_spin_unlock+0x4d/0x240
[  158.020616][ T5853]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  158.020628][ T5853]  do_writepages+0x32e/0x550
[  158.020650][ T5853]  ? do_raw_spin_unlock+0x4d/0x240
[  158.020669][ T5853]  filemap_fdatawrite+0x199/0x240
[  158.020681][ T5853]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  158.020733][ T5853]  ? do_raw_spin_unlock+0x4d/0x240
[  158.020751][ T5853]  f2fs_sync_dirty_inodes+0x31f/0x830
[  158.020780][ T5853]  f2fs_write_checkpoint+0x93e/0x2440
[  158.020794][ T5853]  ? stack_depot_save_flags+0x40/0x860
[  158.020832][ T5853]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  158.020883][ T5853]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  158.020896][ T5853]  ? kfree+0x19a/0x6d0
[  158.020917][ T5853]  kill_f2fs_super+0x2cc/0x6d0
[  158.020935][ T5853]  ? __pfx_kill_f2fs_super+0x10/0x10
[  158.020963][ T5853]  ? shrinker_free+0x2ce/0x3e0
[  158.020985][ T5853]  deactivate_locked_super+0xbc/0x130
[  158.021007][ T5853]  cleanup_mnt+0x425/0x4c0
[  158.021026][ T5853]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.021045][ T5853]  task_work_run+0x1d4/0x260
[  158.021065][ T5853]  ? __pfx_task_work_run+0x10/0x10
[  158.021106][ T5853]  ? __x64_sys_umount+0x122/0x160
[  158.021123][ T5853]  ? exit_to_user_mode_loop+0x40/0x130
[  158.021146][ T5853]  exit_to_user_mode_loop+0xe9/0x130
[  158.021164][ T5853]  do_syscall_64+0x2bd/0xfa0
[  158.021179][ T5853]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.021193][ T5853]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.021206][ T5853]  ? exc_page_fault+0xab/0x100
[  158.021223][ T5853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.021235][ T5853] RIP: 0033:0x7ffadf38ff57
[  158.021251][ T5853] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  158.021261][ T5853] RSP: 002b:00007ffdcb1e08f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  158.021277][ T5853] RAX: 0000000000000000 RBX: 00007ffadf411c2d RCX: 00007ffadf38ff57
[  158.021285][ T5853] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdcb1e09b0
[  158.021292][ T5853] RBP: 00007ffdcb1e09b0 R08: 0000000000000000 R09: 0000000000000000
[  158.021299][ T5853] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdcb1e1a40
[  158.021306][ T5853] R13: 00007ffadf411c2d R14: 00000000000268c7 R15: 00007ffdcb1e1a80
[  158.021331][ T5853]  </TASK>
[  158.021337][ T5853] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  158.754275][ T5898] libceph: connect (1)[c::]:6789 error -101
[  158.761386][ T5898] libceph: mon0 (1)[c::]:6789 connect error
[  158.767532][ T5898] libceph: connect (1)[c::]:6789 error -101
[  158.769560][ T5898] libceph: mon0 (1)[c::]:6789 connect error
[  158.793976][ T7908] ceph: No mds server is up or the cluster is laggy
[  158.880417][ T7913] loop2: detected capacity change from 0 to 1024
[  159.194935][ T7919] netlink: 20 bytes leftover after parsing attributes in process `syz.2.732'.
[  159.915519][ T7922] loop0: detected capacity change from 0 to 32768
[  159.926297][ T7922] btrfs: Unknown parameter 'ref_verify'
[  160.534356][ T7938] loop2: detected capacity change from 0 to 131072
[  160.538471][ T7938] F2FS-fs (loop2): Invalid log sectorsize (67108873)
[  160.540904][ T7938] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  160.544459][ T7938] F2FS-fs (loop2): invalid crc value
[  160.593338][ T7938] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  160.607115][ T7938] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  160.609782][ T7938] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  160.674846][ T7957] loop1: detected capacity change from 0 to 512
[  160.719374][ T7957] EXT4-fs (loop1): orphan cleanup on readonly fs
[  160.733584][ T7957] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.746: corrupted in-inode xattr: invalid size in ea xattr
[  160.785788][ T7957] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.746: couldn't read orphan inode 15 (err -117)
[  160.807670][ T7957] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  161.465238][ T7967] syz.0.750 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  161.970051][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.247381][ T5898] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  162.334421][ T7981] loop2: detected capacity change from 0 to 512
[  162.356655][ T7981] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  162.375862][ T7981] EXT4-fs (loop2): 1 truncate cleaned up
[  162.378504][ T7981] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.416894][ T5898] usb 2-1: config 0 interface 0 altsetting 124 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  162.426064][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.430035][ T5898] usb 2-1: config 0 interface 0 altsetting 124 endpoint 0x81 has invalid wMaxPacketSize 0
[  162.433433][ T5898] usb 2-1: config 0 interface 0 has no altsetting 0
[  162.435819][ T5898] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  162.438693][ T5898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.443278][ T5898] usb 2-1: config 0 descriptor??
[  162.869601][ T5898] koneplus 0003:1E7D:2E22.000A: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.1-1/input0
[  162.890204][ T8002] loop0: detected capacity change from 0 to 512
[  162.893499][ T8002] EXT4-fs: Ignoring removed orlov option
[  162.902864][ T8002] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  162.913033][ T8002] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  162.920290][ T8002] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2853: Unable to expand inode 17. Delete some EAs or run e2fsck.
[  162.927099][ T8002] EXT4-fs (loop0): 1 orphan inode deleted
[  162.930455][ T8002] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.948761][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.992105][ T8005] loop0: detected capacity change from 0 to 1024
[  163.048160][ T8007] loop0: detected capacity change from 0 to 512
[  163.060234][ T8007] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.078307][ T5898] usb 2-1: USB disconnect, device number 9
[  163.110877][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.892831][ T8029] CUSE: info not properly terminated
[  164.116832][ T8033] netlink: 'syz.0.778': attribute type 1 has an invalid length.
[  164.119746][ T8033] netlink: 'syz.0.778': attribute type 4 has an invalid length.
[  164.123090][ T8033] netlink: 15130 bytes leftover after parsing attributes in process `syz.0.778'.
[  164.204514][ T8039] netlink: 28 bytes leftover after parsing attributes in process `syz.0.781'.
[  164.207494][ T8039] netlink: 28 bytes leftover after parsing attributes in process `syz.0.781'.
[  165.105143][  T794] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  165.257024][  T794] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.261604][  T794] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.266827][  T794] usb 2-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[  165.271186][  T794] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.277299][  T794] usb 2-1: config 0 descriptor??
[  165.507576][  T794] usbhid 2-1:0.0: can't add hid device: -71
[  165.513320][  T794] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  165.524492][  T794] usb 2-1: USB disconnect, device number 10
[  166.074401][ T8072] loop2: detected capacity change from 0 to 2048
[  166.078851][ T8072] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  166.093656][ T5852] udevd[5852]: incorrect nilfs2 checksum on /dev/loop2
[  166.103254][ T8075] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  166.183484][ T8077] loop2: detected capacity change from 0 to 512
[  166.190522][ T8077] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  166.194064][ T8077] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  166.201597][ T8077] EXT4-fs (loop2): 1 truncate cleaned up
[  166.206054][ T8077] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.234232][ T8077] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  166.259695][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.422585][ T8093] netlink: 'syz.1.804': attribute type 2 has an invalid length.
[  166.738051][ T8119] netlink: 4 bytes leftover after parsing attributes in process `syz.2.815'.
[  166.894533][ T8129] netlink: 1 bytes leftover after parsing attributes in process `syz.1.821'.
[  167.321146][ T8163] loop0: detected capacity change from 0 to 1024
[  167.395407][ T8165] loop1: detected capacity change from 0 to 512
[  167.403904][ T8165] EXT4-fs: Ignoring removed bh option
[  167.416749][ T8165] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  167.443212][ T8165] EXT4-fs (loop1): 1 truncate cleaned up
[  167.449580][ T8165] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.495066][   T33] audit: type=1800 audit(1759295128.371:25): pid=8168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.833" name="file1" dev="loop0" ino=20 res=0 errno=0
[  167.512983][ T8168] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input9
[  167.539028][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.264362][ T8175] loop1: detected capacity change from 0 to 32768
[  168.267576][ T8175] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.837 (8175)
[  168.276141][ T8175] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  168.279197][ T8175] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  168.345176][ T8185] loop2: detected capacity change from 0 to 16
[  168.362550][ T8185] erofs (device loop2): mounted with root inode @ nid 36.
[  168.382857][ T8185] erofs (device loop2): bogus dirent @ nid 36
[  168.442680][ T8175] BTRFS info (device loop1): enabling ssd optimizations
[  168.456580][ T8175] BTRFS info (device loop1): enabling free space tree
[  169.310175][ T5846] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  169.337070][ T8208] loop2: detected capacity change from 0 to 128
[  170.191440][ T5853] FAT-fs (loop2): error, invalid access to FAT (entry 0xffff0000)
[  170.196955][ T5853] FAT-fs (loop2): Filesystem has been set read-only
[  170.203778][ T5853] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  170.208394][ T5853] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  170.319625][ T8171] ==================================================================
[  170.322624][ T8171] BUG: KASAN: slab-use-after-free in __mutex_lock+0x801/0x1350
[  170.325522][ T8171] Read of size 8 at addr ffff8881121600a0 by task khidpd_15c25886/8171
[  170.329273][ T8171] 
[  170.330512][ T8171] CPU: 0 UID: 0 PID: 8171 Comm: khidpd_15c25886 Not tainted syzkaller #0 PREEMPT(full) 
[  170.330529][ T8171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  170.330538][ T8171] Call Trace:
[  170.330544][ T8171]  <TASK>
[  170.330551][ T8171]  dump_stack_lvl+0x189/0x250
[  170.330570][ T8171]  ? __kasan_check_byte+0x12/0x40
[  170.330589][ T8171]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.330602][ T8171]  ? lock_release+0x4b/0x3e0
[  170.330621][ T8171]  ? __virt_addr_valid+0x4a5/0x5c0
[  170.330637][ T8171]  print_report+0xca/0x240
[  170.330655][ T8171]  ? __mutex_lock+0x801/0x1350
[  170.330671][ T8171]  kasan_report+0x118/0x150
[  170.330686][ T8171]  ? __mutex_lock+0x801/0x1350
[  170.330703][ T8171]  __mutex_lock+0x801/0x1350
[  170.330719][ T8171]  ? __mutex_lock+0x5bb/0x1350
[  170.330734][ T8171]  ? l2cap_unregister_user+0x6a/0x1b0
[  170.330750][ T8171]  ? __pfx___mutex_lock+0x10/0x10
[  170.330767][ T8171]  ? __pfx___timer_delete_sync+0x10/0x10
[  170.330784][ T8171]  l2cap_unregister_user+0x6a/0x1b0
[  170.330799][ T8171]  hidp_session_thread+0x3c9/0x410
[  170.330815][ T8171]  ? __pfx_hidp_session_thread+0x10/0x10
[  170.330828][ T8171]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  170.330842][ T8171]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  170.330857][ T8171]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  170.330871][ T8171]  ? __kthread_parkme+0x7b/0x200
[  170.330883][ T8171]  ? __kthread_parkme+0x1a1/0x200
[  170.330896][ T8171]  kthread+0x711/0x8a0
[  170.330910][ T8171]  ? __pfx_hidp_session_thread+0x10/0x10
[  170.330923][ T8171]  ? __pfx_kthread+0x10/0x10
[  170.330936][ T8171]  ? _raw_spin_unlock_irq+0x23/0x50
[  170.330949][ T8171]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.330962][ T8171]  ? __pfx_kthread+0x10/0x10
[  170.330975][ T8171]  ret_from_fork+0x4bc/0x870
[  170.330994][ T8171]  ? __pfx_ret_from_fork+0x10/0x10
[  170.331012][ T8171]  ? __switch_to_asm+0x39/0x70
[  170.331026][ T8171]  ? __switch_to_asm+0x33/0x70
[  170.331040][ T8171]  ? __pfx_kthread+0x10/0x10
[  170.331053][ T8171]  ret_from_fork_asm+0x1a/0x30
[  170.331073][ T8171]  </TASK>
[  170.331078][ T8171] 
[  170.406758][ T8171] Allocated by task 5853:
[  170.408497][ T8171]  kasan_save_track+0x3e/0x80
[  170.410332][ T8171]  __kasan_kmalloc+0x93/0xb0
[  170.412197][ T8171]  __kmalloc_noprof+0x411/0x7f0
[  170.414032][ T8171]  hci_alloc_dev_priv+0x28/0x2060
[  170.415927][ T8171]  vhci_create_device+0x120/0x650
[  170.417837][ T8171]  vhci_write+0x3ce/0x4a0
[  170.419527][ T8171]  vfs_write+0x5c9/0xb30
[  170.421108][ T8171]  ksys_write+0x145/0x250
[  170.422732][ T8171]  do_syscall_64+0xfa/0xfa0
[  170.424475][ T8171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.426723][ T8171] 
[  170.427635][ T8171] Freed by task 7529:
[  170.429111][ T8171]  kasan_save_track+0x3e/0x80
[  170.430915][ T8171]  __kasan_save_free_info+0x46/0x50
[  170.432832][ T8171]  __kasan_slab_free+0x5c/0x80
[  170.434650][ T8171]  kfree+0x19a/0x6d0
[  170.436120][ T8171]  bt_host_release+0x82/0x90
[  170.437862][ T8171]  device_release+0x9c/0x1c0
[  170.439614][ T8171]  kobject_put+0x22b/0x480
[  170.441267][ T8171]  vhci_release+0x15a/0x1a0
[  170.442979][ T8171]  __fput+0x44c/0xa70
[  170.444498][ T8171]  task_work_run+0x1d4/0x260
[  170.446272][ T8171]  do_exit+0x6b5/0x2300
[  170.447838][ T8171]  do_group_exit+0x21c/0x2d0
[  170.449579][ T8171]  get_signal+0x1285/0x1340
[  170.451279][ T8171]  arch_do_signal_or_restart+0xa0/0x790
[  170.453377][ T8171]  exit_to_user_mode_loop+0x72/0x130
[  170.455373][ T8171]  do_syscall_64+0x2bd/0xfa0
[  170.457115][ T8171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.459380][ T8171] 
[  170.460306][ T8171] Last potentially related work creation:
[  170.462510][ T8171]  kasan_save_stack+0x3e/0x60
[  170.464328][ T8171]  kasan_record_aux_stack+0xbd/0xd0
[  170.465899][ T8171]  insert_work+0x3d/0x330
[  170.467325][ T8171]  __queue_work+0xcd2/0xfb0
[  170.469060][ T8171]  queue_work_on+0x181/0x270
[  170.470726][ T8171]  hci_recv_frame+0x625/0x7c0
[  170.472520][ T8171]  vhci_write+0x358/0x4a0
[  170.474159][ T8171]  vfs_write+0x5c9/0xb30
[  170.475750][ T8171]  ksys_write+0x145/0x250
[  170.477205][ T8171]  do_syscall_64+0xfa/0xfa0
[  170.478692][ T8171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.480886][ T8171] 
[  170.481834][ T8171] Second to last potentially related work creation:
[  170.484000][ T8171]  kasan_save_stack+0x3e/0x60
[  170.485605][ T8171]  kasan_record_aux_stack+0xbd/0xd0
[  170.487571][ T8171]  insert_work+0x3d/0x330
[  170.489200][ T8171]  __queue_work+0xcd2/0xfb0
[  170.490891][ T8171]  queue_work_on+0x181/0x270
[  170.492631][ T8171]  hci_recv_frame+0x625/0x7c0
[  170.494458][ T8171]  vhci_write+0x358/0x4a0
[  170.496087][ T8171]  vfs_write+0x5c9/0xb30
[  170.497724][ T8171]  ksys_write+0x145/0x250
[  170.499465][ T8171]  do_syscall_64+0xfa/0xfa0
[  170.501241][ T8171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.503654][ T8171] 
[  170.504644][ T8171] The buggy address belongs to the object at ffff888112160000
[  170.504644][ T8171]  which belongs to the cache kmalloc-8k of size 8192
[  170.509969][ T8171] The buggy address is located 160 bytes inside of
[  170.509969][ T8171]  freed 8192-byte region [ffff888112160000, ffff888112162000)
[  170.515080][ T8171] 
[  170.515986][ T8171] The buggy address belongs to the physical page:
[  170.518447][ T8171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112160
[  170.521715][ T8171] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  170.524991][ T8171] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  170.527837][ T8171] page_type: f5(slab)
[  170.529388][ T8171] raw: 057ff00000000040 ffff88801ac42280 dead000000000100 dead000000000122
[  170.532588][ T8171] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  170.535848][ T8171] head: 057ff00000000040 ffff88801ac42280 dead000000000100 dead000000000122
[  170.539085][ T8171] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  170.542290][ T8171] head: 057ff00000000003 ffffea0004485801 00000000ffffffff 00000000ffffffff
[  170.545545][ T8171] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  170.548790][ T8171] page dumped because: kasan: bad access detected
[  170.551179][ T8171] page_owner tracks the page as allocated
[  170.553321][ T8171] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5592, tgid 5592 (dhcpcd), ts 39786780166, free_ts 39685174564
[  170.560879][ T8171]  post_alloc_hook+0x240/0x2a0
[  170.562732][ T8171]  get_page_from_freelist+0x2365/0x2440
[  170.564989][ T8171]  __alloc_frozen_pages_noprof+0x181/0x370
[  170.567223][ T8171]  alloc_pages_mpol+0x232/0x4a0
[  170.569028][ T8171]  allocate_slab+0x96/0x3a0
[  170.570761][ T8171]  ___slab_alloc+0xe94/0x1920
[  170.572541][ T8171]  __slab_alloc+0x65/0x100
[  170.574235][ T8171]  __kmalloc_node_track_caller_noprof+0x5c7/0x800
[  170.576653][ T8171]  kmalloc_reserve+0x136/0x290
[  170.578494][ T8171]  __alloc_skb+0x142/0x2d0
[  170.580196][ T8171]  netlink_dump+0x167/0xe90
[  170.581962][ T8171]  netlink_recvmsg+0x676/0xa30
[  170.583832][ T8171]  sock_recvmsg+0x22c/0x270
[  170.585539][ T8171]  ____sys_recvmsg+0x1c9/0x460
[  170.587440][ T8171]  ___sys_recvmsg+0x1b5/0x510
[  170.589280][ T8171]  __x64_sys_recvmsg+0x198/0x260
[  170.591330][ T8171] page last free pid 5678 tgid 5678 stack trace:
[  170.593795][ T8171]  __free_frozen_pages+0xbc4/0xd30
[  170.595772][ T8171]  __put_partials+0x146/0x170
[  170.597604][ T8171]  put_cpu_partial+0x1f2/0x2e0
[  170.599420][ T8171]  __slab_free+0x2b9/0x390
[  170.601148][ T8171]  qlist_free_all+0x97/0x140
[  170.602914][ T8171]  kasan_quarantine_reduce+0x148/0x160
[  170.605008][ T8171]  __kasan_slab_alloc+0x22/0x80
[  170.606859][ T8171]  kmem_cache_alloc_noprof+0x367/0x6e0
[  170.608845][ T8171]  getname_flags+0xb8/0x540
[  170.610579][ T8171]  vfs_fstatat+0x43/0x170
[  170.612221][ T8171]  __x64_sys_newfstatat+0x116/0x190
[  170.614282][ T8171]  do_syscall_64+0xfa/0xfa0
[  170.616007][ T8171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.618181][ T8171] 
[  170.619059][ T8171] Memory state around the buggy address:
[  170.621145][ T8171]  ffff88811215ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  170.624344][ T8171]  ffff888112160000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  170.627481][ T8171] >ffff888112160080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  170.630458][ T8171]                                ^
[  170.632345][ T8171]  ffff888112160100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  170.635367][ T8171]  ffff888112160180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  170.638346][ T8171] ==================================================================
[  170.642981][    C0] hpet: Lost 19 RTC interrupts
[  170.646326][ T8171] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  170.649074][ T8171] CPU: 0 UID: 0 PID: 8171 Comm: khidpd_15c25886 Not tainted syzkaller #0 PREEMPT(full) 
[  170.652703][ T8171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  170.656452][ T8171] Call Trace:
[  170.657693][ T8171]  <TASK>
[  170.658869][ T8171]  dump_stack_lvl+0x99/0x250
[  170.660752][ T8171]  ? __asan_memcpy+0x40/0x70
[  170.662618][ T8171]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.664689][ T8171]  ? __pfx__printk+0x10/0x10
[  170.666498][ T8171]  vpanic+0x237/0x6d0
[  170.668038][ T8171]  ? __pfx_vpanic+0x10/0x10
[  170.669766][ T8171]  panic+0xb9/0xc0
[  170.671217][ T8171]  ? __pfx_panic+0x10/0x10
[  170.672919][ T8171]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  170.675172][ T8171]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  170.677393][ T8171]  ? __mutex_lock+0x801/0x1350
[  170.679188][ T8171]  check_panic_on_warn+0x89/0xb0
[  170.681143][ T8171]  ? __mutex_lock+0x801/0x1350
[  170.683020][ T8171]  end_report+0x78/0x160
[  170.684736][ T8171]  kasan_report+0x129/0x150
[  170.686425][ T8171]  ? __mutex_lock+0x801/0x1350
[  170.688288][ T8171]  __mutex_lock+0x801/0x1350
[  170.690146][ T8171]  ? __mutex_lock+0x5bb/0x1350
[  170.692088][ T8171]  ? l2cap_unregister_user+0x6a/0x1b0
[  170.694280][ T8171]  ? __pfx___mutex_lock+0x10/0x10
[  170.696277][ T8171]  ? __pfx___timer_delete_sync+0x10/0x10
[  170.698363][ T8171]  l2cap_unregister_user+0x6a/0x1b0
[  170.700307][ T8171]  hidp_session_thread+0x3c9/0x410
[  170.702249][ T8171]  ? __pfx_hidp_session_thread+0x10/0x10
[  170.704431][ T8171]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  170.706725][ T8171]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  170.709170][ T8171]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  170.711590][ T8171]  ? __kthread_parkme+0x7b/0x200
[  170.713603][ T8171]  ? __kthread_parkme+0x1a1/0x200
[  170.715631][ T8171]  kthread+0x711/0x8a0
[  170.717253][ T8171]  ? __pfx_hidp_session_thread+0x10/0x10
[  170.719477][ T8171]  ? __pfx_kthread+0x10/0x10
[  170.721463][ T8171]  ? _raw_spin_unlock_irq+0x23/0x50
[  170.723458][ T8171]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.725508][ T8171]  ? __pfx_kthread+0x10/0x10
[  170.727365][ T8171]  ret_from_fork+0x4bc/0x870
[  170.729145][ T8171]  ? __pfx_ret_from_fork+0x10/0x10
[  170.731200][ T8171]  ? __switch_to_asm+0x39/0x70
[  170.733098][ T8171]  ? __switch_to_asm+0x33/0x70
[  170.734925][ T8171]  ? __pfx_kthread+0x10/0x10
[  170.736714][ T8171]  ret_from_fork_asm+0x1a/0x30
[  170.738554][ T8171]  </TASK>
[  170.740518][ T8171] Kernel Offset: disabled
[  170.742216][ T8171] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:05:31  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000006b RBX=000000000000006b RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90002e5f350
R8 =ffff8881065d8237 R9 =1ffff11020cbb046 R10=dffffc0000000000 R11=ffffffff8556cf50
R12=dffffc0000000000 R13=ffffffff99d19926 R14=ffffffff9a00f5a0 R15=0000000000000000
RIP=ffffffff8556cfcc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b83fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055f82c009258 CR3=000000002863a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000556261d4a6a8 0000000000000009 XMM01=0000000000000000 000055626d90f460
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=3f3f3f3f3f3f3f3f 3f3f3f3f3f3f3f3f
XMM06=9999999999999999 9999999999999999 XMM07=2020202020202020 2020202020202020
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=0000000000000000 RCX=9200a0e12ce96700 RDX=0000000000000000
RSI=ffffffff8c03da40 RDI=ffffffff8c03da00 RBP=ffffffff81f8803c RSP=ffffc9000308f060
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000406 R11=0000000000000000
R12=0000000000000002 R13=ffffffff8e33d320 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff8b7fbb79 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a39fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffdcb1dbf88 CR3=000000000e138000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=00007f7df91a7498 00007f7df91a7470 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=00007f7df91a7478 00007f7df91a74c0
XMM06=00007f7df91a74b8 00007f7df91a74b0 XMM07=00007f7df91a74a8 00007f7df91a74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f7df9012fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
